diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-12-18 11:46:09 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1997-12-18 11:46:09 +0000 |
| commit | da8717db0ff29cff89d1aca1d99caddf493925c7 (patch) | |
| tree | 03c8dd5a523e4354f04961e177212c36394a10ce | |
| parent | 0dceac64d9b19e6df87e8863c31be9c59aaf63ba (diff) | |
Be so specific about the exact details of a PORT command error, that we
strike fear into the hearts of attackers (naw, I bet not...)
| -rw-r--r-- | libexec/ftpd/ftpcmd.y | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y index b41fddfa71a..be802a883ec 100644 --- a/libexec/ftpd/ftpcmd.y +++ b/libexec/ftpd/ftpcmd.y @@ -161,13 +161,22 @@ cmd | PORT check_login SP host_port CRLF { if ($2) { - if ($4 || (portcheck && (ntohs(data_dest.sin_port) < - IPPORT_RESERVED || + if ($4) { + usedefault = 1; + reply(500, + "Illegal PORT rejected (range errors)."); + } else if (portcheck && + ntohs(data_dest.sin_port) < IPPORT_RESERVED) { + usedefault = 1; + reply(500, + "Illegal PORT rejected (reserved port)."); + } else if (portcheck && memcmp(&data_dest.sin_addr, &his_addr.sin_addr, - sizeof data_dest.sin_addr)))) { + sizeof data_dest.sin_addr)) { usedefault = 1; - reply(500, "Illegal PORT rejected."); + reply(500, + "Illegal PORT rejected (address wrong)."); } else { usedefault = 0; if (pdata >= 0) { |