Bug 47763

Summary: patch: if server sends RST after connecting, ncftp segfaults
Product: [Retired] Red Hat Raw Hide
Reporter: Pekka Savola <pekkas>
Component: ncftp
Assignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED RAWHIDE
QA Contact: David Lawrence <dkl>
Severity: medium
Priority: medium
Version: 1.0
Hardware: i386
OS: Linux
Doc Type: Bug Fix
Last Closed: 2001-07-07 07:11:14 UTC

Attachments:
fix a segfault when performing freeaddrinfo twice (flags: none)

Description Pekka Savola 2001-07-06 21:44:21 UTC
ncftp 3.0.2 + ipv6 patch segfaults (same also with ncftp 3.0.3, but signal
handling in 3.0.3 is very, very broken IMO) if the server, or some party, sends
RST right after connecting:

bash-2.05# ncftp aaa.bbb.14.50
NcFTP 3.0.2 (October 19, 2000) by Mike Gleason (ncftp).
14:13:35.625741 xxx.yyy.2.51.1394 > aaa.bbb.14.50.ftp: S 2791266803:2791266803(0) win 5840 <mss 1460,sackOK,timestamp 598170590,nop,wscale 0> (DF)
14:13:35.735736 aaa.bbb.14.50.ftp > xxx.yyy.2.51.1394: S 331434369:331434369(0) ack 2791266804 win 32120 <mss 1460,sackOK,timestamp 316270647 59817059,nop,wscale 0> (DF)
14:13:35.735736 xxx.yyy.2.51.1394 > aaa.bbb.14.50.ftp: . ack 1 win 5840 <nop,nop,timestamp 59817070 316270647> (DF)
14:13:35.855732 aaa.bbb.14.50.ftp > xxx.yyy.2.51.1394: R 331434370:331434370(0) win 0 (DF)
Remote host has closed the connection.
Segmentation fault (core dumped)

With my patch (or without ipv6 enabled):

bash-2.05# ./ncftp ftp.openbsd.org
NcFTP 3.0.2 (October 19, 2000) by Mike Gleason (ncftp).
Remote host has closed the connection.
Sleeping 19 seconds...

Without my patch:

bash-2.05# ncftp ftp.openbsd.org
NcFTP 3.0.2 (October 19, 2000) by Mike Gleason (ncftp).
Remote host has closed the connection.
Segmentation fault (core dumped)

Comment 1 Pekka Savola 2001-07-06 21:45:44 UTC
Created attachment 22911
fix a segfault when performing freeaddrinfo twice

Comment 2 Pekka Savola 2001-07-07 07:11:11 UTC
FWIW, this is also fixed in the latest patch at ftp.kame.net.


Comment 3 Bernhard Rosenkraenzer 2001-07-19 12:11:44 UTC
Thanks, fixed in 3.0.3-3


Comment 4 Pekka Savola 2001-07-21 07:56:17 UTC
In changelog, you put:

- Fix ipv6 crash (Patch from Pekka Savola, #47763)

Depending on the definition of "ipv6 crash", this might not be 100% pedantic ;-), as it happens
when connecting to IPv4 sites too _if_ IPv6 has been enabled (i.e. getaddrinfo() is used for
address resolution).

Not that it matters ;-)
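
Added example, not part of the bug thread and not the attached patch or ncftp's own code: the attachment title describes freeaddrinfo being performed twice on a getaddrinfo() result, and this C sketch shows the usual guard, clearing the pointer after the free so that a second cleanup path is a no-op. The struct and function names are hypothetical, and which two ncftp code paths free the list is an assumption, since the patch itself is not shown on the page.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* expose getaddrinfo() in strict -std= modes */
#endif
#include <netdb.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical connection state; not ncftp's real structure. */
struct conn { struct addrinfo *addrs; /* list from getaddrinfo(), or NULL */ };

/* Resolve a numeric address only, so the example runs offline. */
static int conn_resolve(struct conn *c, const char *ip, const char *port)
{
    struct addrinfo hints;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV;
    c->addrs = NULL;
    return getaddrinfo(ip, port, &hints, &c->addrs);
}

/* Free the list at most once: the pointer is cleared after the free, so a
 * second cleanup path finds NULL and does nothing. Returns 1 if it freed. */
static int conn_release_addrs(struct conn *c)
{
    if (c->addrs == NULL)
        return 0;
    freeaddrinfo(c->addrs);
    c->addrs = NULL;
    return 1;
}

/* Assumed scenario: two cleanup paths run on one connection (peer reset
 * handling, then normal teardown). Returns the number of real frees. */
static int simulate_reset_then_teardown(const char *ip)
{
    struct conn c;
    if (conn_resolve(&c, ip, "21") != 0)
        return -1;
    int freed = conn_release_addrs(&c); /* "remote host closed" path */
    freed += conn_release_addrs(&c);    /* regular teardown path */
    return freed;
}

int main(void)
{
    return simulate_reset_then_teardown("127.0.0.1") == 1 ? 0 : 1;
}
```

The constructed input is an IPv4 literal on purpose: as Comment 4 notes, the getaddrinfo() path is taken for IPv4 destinations too once IPv6 support is compiled in.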