php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-25 00:48:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Check ftp user name for control characters.

Browse Source
This commit is contained in:
Ilia Alshanetsky
2005-05-06 18:42:52 +00:00
parent 0a830b33fc
commit 37f46251fb
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ext/standard/ftp_fopen_wrapper.c
+14 -1
View File
@@ -208,7 +208,20 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, char *path
/* send the user name */
php_stream_write_string(stream, "USER ");
if (resource->user != NULL) {
php_raw_url_decode(resource->user, strlen(resource->user));
unsigned char *s, *e;
int user_len = php_raw_url_decode(resource->user, strlen(resource->user));
s = resource->user;
e = s + user_len;
/* check for control characters that should not be present in the user name */
while (s < e) {
if (iscntrl(*s)) {
php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "Invalid login %s", resource->user);
goto connect_errexit;
}
s++;
}
php_stream_write_string(stream, resource->user);
} else {
php_stream_write_string(stream, "anonymous");