From 58ec4b8aeca0a724eb2200950846c79501dc4dd6 Mon Sep 17 00:00:00 2001 From: Rodgger Bruno Date: Tue, 24 Oct 2017 19:00:14 -0300 Subject: [PATCH] add tok_len to strlen. strlen only once * src/ftp-ls.c (ftp_parse_vms_ls): strlen for tok_len and buffer overflow --- src/ftp-ls.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/ftp-ls.c b/src/ftp-ls.c index 27addd45..8f67e636 100644 --- a/src/ftp-ls.c +++ b/src/ftp-ls.c @@ -682,9 +682,9 @@ static struct fileinfo * ftp_parse_vms_ls (const char *file) { FILE *fp; - int dt, i, j, len; + int dt, i, j; int perms; - size_t bufsize = 0; + size_t bufsize = 0, tok_len; time_t timenow; struct tm *timestruct; char date_str[ 32]; @@ -776,17 +776,17 @@ ftp_parse_vms_ls (const char *file) ".DIR;1" file type and version number, as the plain name is what will work in a CWD command. */ - len = strlen (tok); - if (!c_strncasecmp((tok + (len - 4)), ".DIR", 4)) + tok_len = strlen (tok); + if (tok_len <= 4 && c_strncasecmp((tok + (tok_len - 4)), ".DIR", 4)) { - *(tok+ (len - 4)) = '\0'; /* Discard ".DIR". */ + *(tok+ (tok_len - 4)) = '\0'; /* Discard ".DIR". */ cur.type = FT_DIRECTORY; cur.perms = VMS_DEFAULT_PROT_DIR; DEBUGP (("Directory (nv)\n")); } - else if (!c_strncasecmp ((tok + (len - 6)), ".DIR;1", 6)) + else if (tok_len <= 6 && c_strncasecmp ((tok + (tok_len - 6)), ".DIR;1", 6)) { - *(tok+ (len - 6)) = '\0'; /* Discard ".DIR;1". */ + *(tok+ (tok_len - 6)) = '\0'; /* Discard ".DIR;1". */ cur.type = FT_DIRECTORY; cur.perms = VMS_DEFAULT_PROT_DIR; DEBUGP (("Directory (v)\n")); @@ -871,14 +871,16 @@ ftp_parse_vms_ls (const char *file) { DEBUGP (("Token: >%s<: ", tok)); - if ((strlen (tok) < 12) && (strchr( tok, '-') != NULL)) + tok_len = strlen (tok); + + if ((tok_len < 12) && (strchr( tok, '-') != NULL)) { /* Date. */ DEBUGP (("Date.\n")); strcpy( date_str, tok); strcat( date_str, " "); } - else if ((strlen (tok) < 12) && (strchr( tok, ':') != NULL)) + else if ((tok_len < 12) && (strchr( tok, ':') != NULL)) { /* Time. */ DEBUGP (("Time. ")); @@ -898,7 +900,7 @@ ftp_parse_vms_ls (const char *file) perms = 0; j = 0; /*FIXME: Should not be using the variable like this. */ - for (i = 0; i < (int) strlen(tok); i++) + for (i = 0; i < tok_len; i++) { switch (tok[ i]) { -- 2.11.0