From nobody@FreeBSD.ORG Thu Aug 19 15:24:26 1999
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 5CF3A151BD; Thu, 19 Aug 1999 15:24:26 -0700 (PDT)
Message-Id: <19990819222426.5CF3A151BD@hub.freebsd.org>
Date: Thu, 19 Aug 1999 15:24:26 -0700 (PDT)
From: ian@plutotech.com
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@freebsd.org
Subject: ftpd mishandles STAT command during a file transfer
X-Send-Pr-Version: www-1.0

>Number:         13261
>Category:       misc
>Synopsis:       ftpd mishandles STAT command during a file transfer
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 19 15:30:00 PDT 1999
>Closed-Date:    Sat Sep 11 18:27:55 PDT 1999
>Last-Modified:  Sat Sep 11 18:28:52 PDT 1999
>Originator:     Ian Lepore
>Release:        3.1-Stable
>Organization:
Pluto Technologies Intl, Inc
>Environment:
FreeBSD the60s.hippie.lan 3.1-STABLE FreeBSD 3.1-STABLE #8: Mon May 17 17:34:13 MDT 1999     root@bsd1.hippie.lan:/usr/src/sys/compile/IAN  i386
>Description:
When a STAT command is sent to ftpd as an out-of-band transmission during a file transfer, the command is mishandled on every other receipt of the command.  On the first receipt, the command is handled correctly, but is left in the tmpline buffer.  On the next SIGURG, the hacked-up getline() returns an empty string and that STAT request is ignored.  The next one works, the one after that fails, and so on.
>How-To-Repeat:
Send a series of STAT requests as OOB data to an ftpd while a file transfer is in progress, and observe that you get a response to every other request.
>Fix:
In ftpd.c, in the myoob() routine, a line should be added in the if branch that handles the STAT command, to set tmpline[0] = '\0'; (as it already does for the ABOR command).  I have applied and tested this fix on my local system, and it results in correct behavior (every STAT request receives a response).

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: mharo 
State-Changed-When: Sat Sep 11 18:27:55 PDT 1999 
State-Changed-Why:  
Fix committed.  Thanks for finding this. 
>Unformatted:
