Bug 665240 - [RFE] Increase the command line length limit of the FTP client beyond 200 characters.
Summary: [RFE] Increase the command line length limit of the FTP client beyond 200 cha...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ftp
Version: 5.4
Hardware: Unspecified
OS: Linux
medium
low
Target Milestone: rc
: 5.9
Assignee: Jan Synacek
QA Contact: Zbysek MRAZ
URL:
Whiteboard:
Depends On:
Blocks: 665833 665834 726492 824469 838996 852739
TreeView+ depends on / blocked
 
Reported: 2010-12-23 05:05 UTC by Brad Hubbard
Modified: 2018-11-29 21:55 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
: 665337 665833 852739 (view as bug list)
Environment:
Last Closed: 2013-01-08 07:44:48 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Proposed patch, needs testing. (8.75 KB, patch)
2011-06-13 06:03 UTC, Brad Hubbard
no flags Details | Diff
[Patch] increase line buffer length limit (896 bytes, patch)
2012-08-01 13:10 UTC, Jan Synacek
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 236683 0 None None None 2012-11-08 10:14:16 UTC
Red Hat Product Errata RHEA-2013:0102 0 normal SHIPPED_LIVE ftp enhancement update 2013-01-07 15:40:59 UTC

Description Brad Hubbard 2010-12-23 05:05:23 UTC
Description of problem: The ftp client has an arbitrary limit of 200 characters on command line length, any line exceeding this limit results in an error "sorry, input line too long".


Version-Release number of selected component (if applicable): ftp-0.17-35.el5


How reproducible: At will


Steps to Reproduce:
1. mkdir -p /tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/
2. echo test > /tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/source
3. echo -e "user anonymous password\ncd incoming\nput /tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/source target2" > /tmp/command
4. /usr/bin/ftp -v -n dropbox.redhat.com</tmp/command
  
Actual results:
Connected to dropbox.redhat.com (209.132.183.100).
220-+---------------------------------------------------------------+
220-|        Welcome to Red Hat Global Support Services FTP!        |
220-|                                                               |
220-|     Please note: the "ls" command is disabled by design.      |
220-|     You will receive this error if you attempt to run "ls":   |
220-|                                                               |
220-|      ls: 550 Permission denied.                               |
220-|                                                               |
220-|  If you are uploading a file for Technical Support, you       |
220-|  must include your support ticket number in the filename      |
220-|  and inform your technician of the upload. Files with names   |
220-|  that do not follow this convention, such as vmcore or        |
220-|  vmcore.gz will be deleted.                                   |
220-|                                                               |
220-|  To upload a core successfully, please do the following:      |
220-|                                                               |
220-|  ftp> cd incoming                                             |
220-|  ftp> put [casenumber]-[file]                                 |
220-|                                                               |
220-|     - Active and passive transfers are supported.             |
220-|     - Upload resume is supported.                             |
220-+---------------------------------------------------------------+
220 
331 Please specify the password.
230 Login successful.
250 Directory successfully changed.
sorry, input line too long
221 Goodbye.


Expected results:
A successful file transfer. 


Additional info:
The limit applies when using ftp interactively and is hard coded into the source;
Extern char     line[200];      /* input line buffer */

Comment 3 RHEL Program Management 2011-01-11 20:31:47 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 4 RHEL Program Management 2011-01-11 22:34:50 UTC
This request was erroneously denied for the current release of
Red Hat Enterprise Linux.  The error has been fixed and this
request has been re-proposed for the current release.

Comment 8 Brad Hubbard 2011-06-13 06:01:29 UTC
I have uploaded a patch for this (an adaptation of Nalin's patch for bz 6658330 and tested as below. This needs a lot more testing and QA though. 

Steps to Reproduce:
1. mkdir -p
/tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/
2. echo test >
/tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/source
3. echo -e "user anonymous password\ncd incoming\nput
/tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/source
target2" > /tmp/command
4. ./ftp -v -n dropbox.redhat.com</tmp/command

Connected to dropbox.redhat.com (209.132.183.100).
220-+---------------------------------------------------------------+
220-|        Welcome to Red Hat Global Support Services FTP!        |
220-|                                                               |
220-|     Please note: the "ls" command is disabled by design.      |
220-|     You will receive this error if you attempt to run "ls":   |
220-|                                                               |
220-|      ls: 550 Permission denied.                               |
220-|                                                               |
220-|  If you are uploading a file for Technical Support, you       |
220-|  must include your support ticket number in the filename      |
220-|  and inform your technician of the upload. Files with names   |
220-|  that do not follow this convention, such as vmcore or        |
220-|  vmcore.gz will be deleted.                                   |
220-|                                                               |
220-|  To upload a core successfully, please do the following:      |
220-|                                                               |
220-|  ftp> cd incoming                                             |
220-|  ftp> put [casenumber]-[file]                                 |
220-|                                                               |
220-|     - Active and passive transfers are supported.             |
220-|     - Upload resume is supported.                             |
220-+---------------------------------------------------------------+
220 
331 Please specify the password.
230 Login successful.
250 Directory successfully changed.
local: /tmp/sourcedir1/sourcedir2/sourcedir3/sourcedir4/sourdir5/sourdir6/sourcedir7/sourcedir8/sourcedir9/sourcedir10/sourcedir11/sourcedir12/sourcedir13/sourcedir14/sourcedir15/sourcedir16/sourcedir17/sourcedir18/source remote: target2
227 Entering Passive Mode (209,132,183,100,25,17)
150 Ok to send data.
226 File receive OK.
6 bytes sent in 4.4e-05 secs (1.3e+02 Kbytes/sec)
221 Goodbye.

Comment 9 Brad Hubbard 2011-06-13 06:03:32 UTC
Created attachment 504369 [details]
Proposed patch, needs testing.

Needs testing, compiles without error, solves bz issue and passes basic testing.

Comment 12 RHEL Program Management 2011-09-23 00:22:42 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 18 RHEL Program Management 2012-06-12 01:10:21 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 21 Jan Synacek 2012-08-01 13:10:43 UTC
Created attachment 601744 [details]
[Patch] increase line buffer length limit

I suggest fixing this by simply increasing the line buffer length to PATH_MAX plus a margin (I left the original 200 there) for the ftp command. The filename cannot be longer than PATH_MAX anyway.

There is no need to modify other functionality of the code.

Comment 24 RHEL Program Management 2012-08-01 13:28:59 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 26 RHEL Program Management 2012-08-01 13:48:44 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.

Comment 29 Karel Srot 2012-08-03 14:59:45 UTC
Hi Jan,
is the PATH_MAX limit related to a single filename? Correct me if I am wrong bug you are allowed to pass multiple files to mget/mput commands. Can't you reach that "argbuf[PATH_MAX + 200]" limit this way?

Comment 30 Jan Synacek 2012-08-06 06:32:34 UTC
> is the PATH_MAX limit related to a single filename?

Yes.

> Can't you reach that "argbuf[PATH_MAX + 200]" limit this way?

I didn't manage to do so. If you call

mput <file1> <file2> ... <file_n>

you will hit the command line limit. On the other hand, if you first call the mput command, then ftp's use of readline() will not let you to type more than 4095 (PATH_MAX-1) characters. Currently (without the patch), the latter will cause a buffer overflow anyway, so I think that changing both line and argbuf to PATH_MAX+1 exactly should be enough.

If you managed to call mput with more than PATH_MAX-1 characters, please let me know and I will change the argbuf's length to ARG_MAX+1, which should be enough. But I don't think that will be necessary.

Comment 41 errata-xmlrpc 2013-01-08 07:44:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2013-0102.html


Note You need to log in before you can comment on or make changes to this bug.