From owner-freebsd-bugs@FreeBSD.ORG  Sun May 11 08:30:12 2003
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 008D937B401
	for <freebsd-bugs@hub.freebsd.org>;
	Sun, 11 May 2003 08:30:10 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7E55A43F3F
	for <freebsd-bugs@hub.freebsd.org>;
	Sun, 11 May 2003 08:30:10 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h4BFUAUp059774
	for <freebsd-bugs@freefall.freebsd.org>;
	Sun, 11 May 2003 08:30:10 -0700 (PDT)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h4BFUAEf059773;
	Sun, 11 May 2003 08:30:10 -0700 (PDT)
Date: Sun, 11 May 2003 08:30:10 -0700 (PDT)
Message-Id: <200305111530.h4BFUAEf059773@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Alex Semenyaka <alexs@ratmir.ru>
Subject: Re: bin/52072: Wrong behaviour of the ftpd when the OOB data
	received
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Alex Semenyaka <alexs@ratmir.ru>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 May 2003 15:30:12 -0000

The following reply was made to PR bin/52072; it has been noted by GNATS.

From: Alex Semenyaka <alexs@ratmir.ru>
To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org
Cc:  
Subject: Re: bin/52072: Wrong behaviour of the ftpd when the OOB data received
Date: Sun, 11 May 2003 19:23:36 +0400

 Small code clean-up. The idea is the same but the code is much more compact.
 New patch:
 
 --- ftpd.c.old	Sun May 11 18:05:55 2003
 +++ ftpd.c	Sun May 11 19:21:10 2003
 @@ -192,4 +192,7 @@
  char	*pid_file = NULL;
  
 +#define NO_ABRT 0
 +#define IS_ABRT 1
 +
  /*
   * Limit number of pathnames that glob can return.
 @@ -247,5 +250,5 @@
  static void	 ack __P((char *));
  static void	 sigurg __P((int));
 -static void	 myoob __P((void));
 +static int	 myoob __P((void));
  static int	 checkuser __P((char *, char *, int, char **));
  static FILE	*dataconn __P((char *, off_t, char *));
 @@ -1979,6 +1982,6 @@
  	case TYPE_A:
  		while ((c = getc(instr)) != EOF) {
 -			if (recvurg)
 -				goto got_oob;
 +			if (recvurg && IS_ABRT == myoob())
 +				return (-1);
  			byte_count++;
  			if (c == '\n') {
 @@ -1989,6 +1992,6 @@
  			(void) putc(c, outstr);
  		}
 -		if (recvurg)
 -			goto got_oob;
 +		if (recvurg && IS_ABRT == myoob())
 +			return (-1);
  		fflush(outstr);
  		transflag = 0;
 @@ -2024,6 +2027,6 @@
  				 */
  				byte_count += cnt;
 -				if (recvurg)
 -					goto got_oob;
 +				if (recvurg && IS_ABRT == myoob())
 +					return (-1);
  				offset += cnt;
  				filesize -= cnt;
 @@ -2077,9 +2080,4 @@
  	return (-1);
  
 -got_oob:
 -	myoob();
 -	recvurg = 0;
 -	transflag = 0;
 -	return (-1);
  }
  
 @@ -2106,12 +2104,12 @@
  	case TYPE_L:
  		while ((cnt = read(fileno(instr), buf, sizeof(buf))) > 0) {
 -			if (recvurg)
 -				goto got_oob;
 +			if (recvurg  && IS_ABRT == myoob())
 +				return (-1);
  			if (write(fileno(outstr), buf, cnt) != cnt)
  				goto file_err;
  			byte_count += cnt;
  		}
 -		if (recvurg)
 -			goto got_oob;
 +		if (recvurg  && IS_ABRT == myoob())
 +			return (-1);
  		if (cnt < 0)
  			goto data_err;
 @@ -2126,6 +2124,6 @@
  	case TYPE_A:
  		while ((c = getc(instr)) != EOF) {
 -			if (recvurg)
 -				goto got_oob;
 +			if (recvurg  && IS_ABRT == myoob())
 +				return (-1);
  			byte_count++;
  			if (c == '\n')
 @@ -2143,6 +2141,6 @@
  	contin2:	;
  		}
 -		if (recvurg)
 -			goto got_oob;
 +		if (recvurg && IS_ABRT == myoob())
 +			return (-1);
  		fflush(outstr);
  		if (ferror(instr))
 @@ -2174,9 +2172,4 @@
  	return (-1);
  
 -got_oob:
 -	myoob();
 -	recvurg = 0;
 -	transflag = 0;
 -	return (-1);
  }
  
 @@ -2633,12 +2626,17 @@
  }
  
 -static void
 +/* Returns IS_ABRT in the case of ABRT */
 +
 +static int
  myoob()
  {
  	char *cp;
 +	int is_abrt = NO_ABRT;
 +
 +	recvurg = 0;
  
  	/* only process if transfer occurring */
  	if (!transflag)
 -		return;
 +		return is_abrt;
  	cp = tmpline;
  	if (getline(cp, 7, stdin) == NULL) {
 @@ -2651,4 +2649,6 @@
  		reply(426, "Transfer aborted. Data connection closed.");
  		reply(226, "Abort successful");
 +		is_abrt = IS_ABRT;
 +		transflag = 0;
  	}
  	if (strcmp(cp, "STAT\r\n") == 0) {
 @@ -2660,4 +2660,5 @@
  			reply(213, "Status: %qd bytes transferred", byte_count);
  	}
 +	return is_abrt;
  }
  
 @@ -3043,10 +3044,6 @@
  			char nbuf[MAXPATHLEN];
  
 -			if (recvurg) {
 -				myoob();
 -				recvurg = 0;
 -				transflag = 0;
 +			if (recvurg && IS_ABRT == myoob())
  				goto out;
 -			}
  
  			if (dir->d_name[0] == '.' && dir->d_namlen == 1)