Bug 90338 - (TUX)password incorrectly parsed + patch to fix the problem
Summary: (TUX)password incorrectly parsed + patch to fix the problem
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
URL:
Whiteboard:
: 91213 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-05-07 04:55 UTC by LaMont Jones
Modified: 2015-01-04 22:02 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-01-05 19:23:24 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2003:417 0 normal SHIPPED_LIVE : Updated kernel resolves security vulnerability 2004-01-05 05:00:00 UTC

Description LaMont Jones 2003-05-07 04:55:46 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686) Gecko/20030430 Galeon/1.3.4
Debian/1.3.4.20030503-1

Description of problem:
anon-ftp passwords that should work result in 'unknown command' errors.

Specifically, 15 char passwords fail, while 14 char passwords succeed.

Looking at the source, it appears that it should be using MAX_PASS_LEN, not
MAX_USERNAME_LEN...


Version-Release number of selected component (if applicable):
kernel 2.4.20-9

How reproducible:
Always

Steps to Reproduce:
1.ftp to a tux-ftp server
2.use an anon-ftp password over 14 characters in length
3.note the failure...
    

Actual Results:  login failed

Expected Results:  should have succeeded

Additional info:

This patch should fix the issue.
--- proto_ftp.c.orig    Mon May  5 22:57:35 2003
+++ proto_ftp.c Mon May  5 22:57:59 2003
@@ -354,7 +354,7 @@
                        unsigned int pass_len;
                        PARSE_FTP_COMM_1_FIELD('P','A','S','S', PASS,
                                pass, &pass_len,
-                               MAX_USERNAME_LEN-1);
+                               MAX_PASS_LEN-1);
                        if (!pass_len)
                                GOTO_ERR;
                        break;
Comment 1 Michael K. Johnson 2003-05-09 19:41:13 UTC 
This part of TUX is all in the kernel, reassigning
Comment 2 Alan Cox 2003-06-09 14:34:26 UTC 
*** Bug 91213 has been marked as a duplicate of this bug. ***
Comment 3 Ingo Molnar 2003-07-05 07:53:51 UTC 
good catch - patch added.
Note You need to log in before you can comment on or make changes to this bug.