summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFederico G. Schwindt <fgsch@cvs.openbsd.org>2005-04-21 05:17:22 +0000
committerFederico G. Schwindt <fgsch@cvs.openbsd.org>2005-04-21 05:17:22 +0000
commit9de7296b65c0a0f4bd9982bb11269ef1561009c1 (patch)
tree989dd6ed042c83d87dbd6dbb5063b08d89214993
parent0630a248b4a827b97f7736baa5cba694697b1008 (diff)
avoid infinite recursion on redirects; From NetBSD but limit set to 10.
deraadt@ ok.
-rw-r--r--usr.bin/ftp/fetch.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ftp/fetch.c b/usr.bin/ftp/fetch.c
index 35115141fa3..25220512d21 100644
--- a/usr.bin/ftp/fetch.c
+++ b/usr.bin/ftp/fetch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: fetch.c,v 1.53 2005/04/11 15:16:50 deraadt Exp $ */
+/* $OpenBSD: fetch.c,v 1.54 2005/04/21 05:17:21 fgsch Exp $ */
/* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
/*-
@@ -38,7 +38,7 @@
*/
#if !defined(lint) && !defined(SMALL)
-static char rcsid[] = "$OpenBSD: fetch.c,v 1.53 2005/04/11 15:16:50 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: fetch.c,v 1.54 2005/04/21 05:17:21 fgsch Exp $";
#endif /* not lint and not SMALL */
/*
@@ -90,6 +90,8 @@ static const char *at_encoding_warning =
jmp_buf httpabort;
+static int redirect_loop;
+
/*
* Retrieve URL, via the proxy in $proxyvar if necessary.
* Modifies the string argument given.
@@ -402,6 +404,10 @@ again:
cp++;
if (strncmp(cp, "301", 3) == 0 || strncmp(cp, "302", 3) == 0) {
isredirect++;
+ if (redirect_loop++ > 10) {
+ warnx("Too many redirections requested");
+ goto cleanup_url_get;
+ }
} else if (strncmp(cp, "200", 3)) {
warnx("Error retrieving file: %s", cp);
goto cleanup_url_get;
@@ -634,6 +640,7 @@ auto_fetch(int argc, char *argv[], char *outfile)
*/
if (strncasecmp(line, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
strncasecmp(line, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
+ redirect_loop = 0;
if (url_get(line, httpproxy, outfile) == -1)
rval = argpos + 1;
continue;