Actions
Bug #5283
closed5.0.x: ftp: don't let first incomplete segment be over maximum length
Affected Versions:
Effort:
Difficulty:
Label:
Description
The first non-terminated ftp command segment is buffered with no size limit. This results in a subsequent segment causing an integer to enter a negative state which is then asserted on with a DEBUG_VALIDATE_BUG_ON. Make sure the first segment is subject to limits of subsequent segments.
Then result is non-debug-validate-bug-on builds is that the first logged segment can be up to 65k, but their should be no security related issue here as the right thing is already done for negative values.
Updated by Jeff Lucovsky over 2 years ago
- Copied from Bug #5281: ftp: don't let first incomplete segment be over maximum length added
Updated by Jason Ish over 2 years ago
- Assignee changed from Jeff Lucovsky to Jason Ish
Updated by Jason Ish over 2 years ago
- Status changed from Assigned to In Review
Updated by Jason Ish over 2 years ago
- Subject changed from ftp: don't let first incomplete segment be over maximum length to 5.0.x: ftp: don't let first incomplete segment be over maximum length
Updated by Victor Julien over 2 years ago
- Status changed from In Review to Closed
Updated by Victor Julien over 2 years ago
- Affected Versions 5.0.9 added
- Affected Versions deleted (
6.0.5)
Actions