From alexk@ak.east.ru  Sat May  6 08:55:39 2000
Return-Path: <alexk@ak.east.ru>
Received: from ak.east.ru (ak.east.ru [195.170.33.21])
	by hub.freebsd.org (Postfix) with ESMTP id 101F437BAD9
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  6 May 2000 08:55:37 -0700 (PDT)
	(envelope-from alexk@ak.east.ru)
Received: (from alexk@localhost)
	by ak.east.ru (8.9.3/8.9.3) id TAA46992;
	Sat, 6 May 2000 19:55:36 +0400 (MSD)
	(envelope-from alexk)
Message-Id: <200005061555.TAA46992@ak.east.ru>
Date: Sat, 6 May 2000 19:55:36 +0400 (MSD)
From: alexk@east.ru
Sender: alexk@ak.east.ru
To: FreeBSD-gnats-submit@freebsd.org
Subject: Virtual hosts support broken in ftpd
X-Send-Pr-Version: 3.2

>Number:         18410
>Category:       bin
>Synopsis:       Virtual hosts support broken in ftpd
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    yar
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 07 01:10:14 PDT 2000
>Closed-Date:    Tue Sep 03 04:02:07 PDT 2002
>Last-Modified:  Tue Sep 03 04:02:07 PDT 2002
>Originator:     Alexey Kshnyakin
>Release:        FreeBSD 4.0-STABLE i386
>Organization:
East Connection ISP
>Environment:
 FreeBSD ak.east.ru 4.0-STABLE FreeBSD 4.0-STABLE #5: Mon May  1 11:26:41 MSD 2000     root@ak.east.ru:/usr/src/sys/compile/AK  i386
 
>Description:
 
 Virtual hosts support in ftpd is broken.
 ftpd.c, version 1.62, use strtok() multiple times on single line
 trying to build list of aliases for each virtual host described
 in /etc/ftphosts. Under some circumstances this leads to wrong
 actions (like chroot) effectively breaking ftp access.
 
>How-To-Repeat:
 
 We have ftpd made without INET6 option and also kernel without INET6
 support. getaddrinfo() in this environment returns two elements for
 each address.
 
 
>Fix:
 
 The really quick and dirty patch is below:
 
 --- /usr/src/libexec/ftpd/ftpd.c	Thu Feb 10 22:51:30 2000
 +++ ftpd.c	Sat May  6 19:10:19 2000
 @@ -370,7 +370,6 @@
  			break;
  		}
  	}
 -
  #ifdef VIRTUAL_HOSTING
  	inithosts();
  #endif
 @@ -617,7 +616,7 @@
  	FILE *fp;
  	char *cp;
  	struct ftphost *hrp, *lhrp;
 -	char line[1024];
 +	char line[1024], l1[1024];
  	struct addrinfo hints, *res, *ai;
  
  	/*
 @@ -658,7 +657,8 @@
  				continue;
  			}
  			*cp = '\0';
 -			cp = strtok(line, " \t");
 +			strncpy(l1, line, sizeof(line)-1); l1[sizeof(l1)-1]='\0';
 +			cp = strtok(l1, " \t");
  			/* skip comments and empty lines */
  			if (cp == NULL || line[0] == '#')
  				continue;
 @@ -761,7 +761,8 @@
  				++i;
  			}
  			/* XXX: re-initialization for getaddrinfo() loop */
 -			cp = strtok(line, " \t");
 +			strncpy(l1, line, sizeof(line)-1); l1[sizeof(l1)-1]='\0';
 +			cp = strtok(l1, " \t");
  		      }
  		}
  		(void) fclose(fp);
 
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: steve 
State-Changed-When: Sun May 7 07:12:21 PDT 2000 
State-Changed-Why:  
Followup to another PR. 
State-Changed-From-To: closed->open 
State-Changed-By: steve 
State-Changed-When: Sun May 14 13:08:39 PDT 2000 
State-Changed-Why:  
Oops.  I didn't mean to close this one.  It definitely isn't a 
followup to another PR, but rather a new PR altogether including 
a patch. :) 


Responsible-Changed-From-To: gnats-admin->freebsd-bugs 
Responsible-Changed-By: steve 
Responsible-Changed-When: Sun May 14 13:08:39 PDT 2000 
Responsible-Changed-Why:  
Misfiled PR. 
State-Changed-From-To: open->patched 
State-Changed-By: yar 
State-Changed-When: Tue Jul 16 09:31:08 PDT 2002 
State-Changed-Why:  
A more elaborate fix committed to CURRENT. 


Responsible-Changed-From-To: freebsd-bugs->yar 
Responsible-Changed-By: yar 
Responsible-Changed-When: Tue Jul 16 09:31:08 PDT 2002 
Responsible-Changed-Why:  
MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18410 
State-Changed-From-To: patched->closed 
State-Changed-By: yar 
State-Changed-When: Tue Sep 3 04:01:32 PDT 2002 
State-Changed-Why:  
The bug has been fixed in -STABLE as well. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18410 
>Unformatted:
