ftp: reject illegal IP/port in PASV 227 response

... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
author: Daniel Stenberg <daniel@haxx.se> 2017-10-19 14:41:14 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-10-20 15:06:25 +0200
commit: 769647e714b8da41bdb72720bf02dce56033e02e (patch)
tree: 3d82a374ee3f68721515637042a5bd01b4ebbbdb /tests/data/test237
parent: 8351ab45105c3e58c38205c045477198ff887829 (diff)
1 files changed, 2 insertions, 6 deletions
diff --git a/tests/data/test237 b/tests/data/test237
index 9a40f1f6b..e9147dcd1 100644
--- a/tests/data/test237
+++ b/tests/data/test237
@@ -30,13 +30,9 @@ ftp://%HOSTIP:%FTPPORT/237 --disable-epsv
 # certain hosts with buggy resolver code, the resulting address (192.0.2.127)
 # is from an address block that is guaranteed never to be assigned (RFC3330).
 <verify>
-# curl: (15) Can't resolve new host 1216.256.2.127:32639
-# 15 => CURLE_FTP_CANT_GET_HOST
-# some systems just don't fail on the illegal host name/address but instead
-# moves on and attempt to connect to... yes, to what?
-# 7= CURLE_COULDNT_CONNECT
+# 14 = CURLE_FTP_WEIRD_227_FORMAT
 <errorcode>
-15, 7
+14
 </errorcode>
 <protocol>
 USER anonymous
author	Daniel Stenberg <daniel@haxx.se>	2017-10-19 14:41:14 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-10-20 15:06:25 +0200
commit	769647e714b8da41bdb72720bf02dce56033e02e (patch)
tree	3d82a374ee3f68721515637042a5bd01b4ebbbdb /tests/data/test237
parent	8351ab45105c3e58c38205c045477198ff887829 (diff)