From 769647e714b8da41bdb72720bf02dce56033e02e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 19 Oct 2017 14:41:14 +0200 Subject: ftp: reject illegal IP/port in PASV 227 response ... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694 --- tests/data/test237 | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'tests/data') diff --git a/tests/data/test237 b/tests/data/test237 index 9a40f1f6b..e9147dcd1 100644 --- a/tests/data/test237 +++ b/tests/data/test237 @@ -30,13 +30,9 @@ ftp://%HOSTIP:%FTPPORT/237 --disable-epsv # certain hosts with buggy resolver code, the resulting address (192.0.2.127) # is from an address block that is guaranteed never to be assigned (RFC3330). -# curl: (15) Can't resolve new host 1216.256.2.127:32639 -# 15 => CURLE_FTP_CANT_GET_HOST -# some systems just don't fail on the illegal host name/address but instead -# moves on and attempt to connect to... yes, to what? -# 7= CURLE_COULDNT_CONNECT +# 14 = CURLE_FTP_WEIRD_227_FORMAT -15, 7 +14 USER anonymous -- cgit v1.2.3