From 950b53da0d47f8975a062b9fbba9e1db0efb8f31 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 6 Feb 2020 11:36:53 +0100
Subject: ftp: remove superfluous checking for crlf in user or pwd

... as this is already done much earlier in the URL parser.

Also add test case 894 that verifies that pop3 with an encodedd CR in
the user name is rejected.

Closes #4887
---
 lib/ftp.c | 17 -----------------
 1 file changed, 17 deletions(-)

(limited to 'lib/ftp.c')

diff --git a/lib/ftp.c b/lib/ftp.c
index c20b6bf10..60fea5421 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -253,18 +253,6 @@ static void freedirs(struct ftp_conn *ftpc)
   Curl_safefree(ftpc->newhost);
 }
 
-/* Returns non-zero if the given string contains CR (\r) or LF (\n),
-   which are not allowed within RFC 959 <string>.
-   Note: The input string is in the client's encoding which might
-   not be ASCII, so escape sequences \r & \n must be used instead
-   of hex values 0x0d & 0x0a.
-*/
-static bool isBadFtpString(const char *string)
-{
-  return ((NULL != strchr(string, '\r')) ||
-          (NULL != strchr(string, '\n'))) ? TRUE : FALSE;
-}
-
 /***********************************************************************
  *
  * AcceptServerConnect()
@@ -4377,11 +4365,6 @@ static CURLcode ftp_setup_connection(struct connectdata *conn)
   */
   ftp->user = conn->user;
   ftp->passwd = conn->passwd;
-  if(isBadFtpString(ftp->user))
-    return CURLE_URL_MALFORMAT;
-  if(isBadFtpString(ftp->passwd))
-    return CURLE_URL_MALFORMAT;
-
   conn->proto.ftpc.known_filesize = -1; /* unknown size for now */
 
   return CURLE_OK;
-- 
cgit v1.2.3