| ftpcmd.y (133936) | ftpcmd.y (161764) |
|---|---|
| 1/* $NetBSD: ftpcmd.y,v 1.80 2004-08-09 12:56:47 lukem Exp $ */ | 1/* $NetBSD: ftpcmd.y,v 1.84 2006/02/01 14:20:12 christos Exp $ */ |
| 2 3/*- | 2 3/*- |
| 4 * Copyright (c) 1997-2004 The NetBSD Foundation, Inc. | 4 * Copyright (c) 1997-2005 The NetBSD Foundation, Inc. |
| 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: --- 61 unchanged lines hidden (view full) --- 74 75%{ 76#include <sys/cdefs.h> 77 78#ifndef lint 79#if 0 80static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; 81#else | 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: --- 61 unchanged lines hidden (view full) --- 74 75%{ 76#include <sys/cdefs.h> 77 78#ifndef lint 79#if 0 80static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; 81#else |
| 82__RCSID("$NetBSD: ftpcmd.y,v 1.80 2004-08-09 12:56:47 lukem Exp $"); | 82__RCSID("$NetBSD: ftpcmd.y,v 1.84 2006/02/01 14:20:12 christos Exp $"); |
| 83#endif 84#endif /* not lint */ 85 86#include <sys/param.h> 87#include <sys/socket.h> 88#include <sys/stat.h> 89 90#include <netinet/in.h> --- 22 unchanged lines hidden (view full) --- 113static int cmd_type; 114static int cmd_form; 115static int cmd_bytesz; 116 117char cbuf[FTP_BUFLEN]; 118char *cmdp; 119char *fromname; 120 | 83#endif 84#endif /* not lint */ 85 86#include <sys/param.h> 87#include <sys/socket.h> 88#include <sys/stat.h> 89 90#include <netinet/in.h> --- 22 unchanged lines hidden (view full) --- 113static int cmd_type; 114static int cmd_form; 115static int cmd_bytesz; 116 117char cbuf[FTP_BUFLEN]; 118char *cmdp; 119char *fromname; 120 |
| 121extern int epsvall; 122struct tab sitetab[]; 123 124static int check_write(const char *, int); 125static void help(struct tab *, const char *); 126static void port_check(const char *, int); 127 int yylex(void); 128 |
|
| 121%} 122 123%union { 124 struct { 125 LLT ll; 126 int i; 127 } u; 128 char *s; --- 369 unchanged lines hidden (view full) --- 498 if ($2) 499 pwd(); 500 } 501 502 | LIST check_login CRLF 503 { 504 char *argv[] = { INTERNAL_LS, "-lgA", NULL }; 505 | 129%} 130 131%union { 132 struct { 133 LLT ll; 134 int i; 135 } u; 136 char *s; --- 369 unchanged lines hidden (view full) --- 506 if ($2) 507 pwd(); 508 } 509 510 | LIST check_login CRLF 511 { 512 char *argv[] = { INTERNAL_LS, "-lgA", NULL }; 513 |
| 514 if (CURCLASS_FLAGS_ISSET(hidesymlinks)) 515 argv[1] = "-LlgA"; |
|
| 506 if ($2) 507 retrieve(argv, ""); 508 } 509 510 | LIST check_login SP pathname CRLF 511 { 512 char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL }; 513 | 516 if ($2) 517 retrieve(argv, ""); 518 } 519 520 | LIST check_login SP pathname CRLF 521 { 522 char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL }; 523 |
| 524 if (CURCLASS_FLAGS_ISSET(hidesymlinks)) 525 argv[1] = "-LlgA"; |
|
| 514 if ($2 && $4 != NULL) { 515 argv[2] = $4; 516 retrieve(argv, $4); 517 } 518 if ($4 != NULL) 519 free($4); 520 } 521 --- 766 unchanged lines hidden (view full) --- 1288 { "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" }, 1289 { "IDLE", IDLE, ARGS, 1, "[ <sp> maximum-idle-time ]" }, 1290 { "RATEGET", RATEGET,OSTR, 1, "[ <sp> get-throttle-rate ]" }, 1291 { "RATEPUT", RATEPUT,OSTR, 1, "[ <sp> put-throttle-rate ]" }, 1292 { "UMASK", UMASK, ARGS, 1, "[ <sp> umask ]" }, 1293 { NULL, 0, 0, 0, NULL } 1294}; 1295 | 526 if ($2 && $4 != NULL) { 527 argv[2] = $4; 528 retrieve(argv, $4); 529 } 530 if ($4 != NULL) 531 free($4); 532 } 533 --- 766 unchanged lines hidden (view full) --- 1300 { "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" }, 1301 { "IDLE", IDLE, ARGS, 1, "[ <sp> maximum-idle-time ]" }, 1302 { "RATEGET", RATEGET,OSTR, 1, "[ <sp> get-throttle-rate ]" }, 1303 { "RATEPUT", RATEPUT,OSTR, 1, "[ <sp> put-throttle-rate ]" }, 1304 { "UMASK", UMASK, ARGS, 1, "[ <sp> umask ]" }, 1305 { NULL, 0, 0, 0, NULL } 1306}; 1307 |
| 1296static int check_write(const char *, int); 1297static void help(struct tab *, const char *); 1298static void port_check(const char *, int); 1299 int yylex(void); 1300 1301extern int epsvall; 1302 | |
| 1303/* 1304 * Check if a filename is allowed to be modified (isupload == 0) or 1305 * uploaded (isupload == 1), and if necessary, check the filename is `sane'. 1306 * If the filename is NULL, fail. 1307 * If the filename is "", don't do the sane name check. 1308 */ 1309static int 1310check_write(const char *file, int isupload) --- 17 unchanged lines hidden (view full) --- 1328 1329 /* checking sanenames */ 1330 if (file[0] != '\0' && CURCLASS_FLAGS_ISSET(sanenames)) { 1331 const char *p; 1332 1333 if (file[0] == '.') 1334 goto insane_name; 1335 for (p = file; *p; p++) { | 1308/* 1309 * Check if a filename is allowed to be modified (isupload == 0) or 1310 * uploaded (isupload == 1), and if necessary, check the filename is `sane'. 1311 * If the filename is NULL, fail. 1312 * If the filename is "", don't do the sane name check. 1313 */ 1314static int 1315check_write(const char *file, int isupload) --- 17 unchanged lines hidden (view full) --- 1333 1334 /* checking sanenames */ 1335 if (file[0] != '\0' && CURCLASS_FLAGS_ISSET(sanenames)) { 1336 const char *p; 1337 1338 if (file[0] == '.') 1339 goto insane_name; 1340 for (p = file; *p; p++) { |
| 1336 if (isalnum(*p) || *p == '-' || *p == '+' || | 1341 if (isalnum((unsigned char)*p) || *p == '-' || *p == '+' || |
| 1337 *p == ',' || *p == '.' || *p == '_') 1338 continue; 1339 insane_name: 1340 reply(553, "File name `%s' not allowed.", file); 1341 return (0); 1342 } 1343 } 1344 return (1); --- 21 unchanged lines hidden (view full) --- 1366 char *cs; 1367 1368 cs = s; 1369/* tmpline may contain saved command from urgent mode interruption */ 1370 for (c = 0; tmpline[c] != '\0' && --n > 0; ++c) { 1371 *cs++ = tmpline[c]; 1372 if (tmpline[c] == '\n') { 1373 *cs++ = '\0'; | 1342 *p == ',' || *p == '.' || *p == '_') 1343 continue; 1344 insane_name: 1345 reply(553, "File name `%s' not allowed.", file); 1346 return (0); 1347 } 1348 } 1349 return (1); --- 21 unchanged lines hidden (view full) --- 1371 char *cs; 1372 1373 cs = s; 1374/* tmpline may contain saved command from urgent mode interruption */ 1375 for (c = 0; tmpline[c] != '\0' && --n > 0; ++c) { 1376 *cs++ = tmpline[c]; 1377 if (tmpline[c] == '\n') { 1378 *cs++ = '\0'; |
| 1374 if (debug) | 1379 if (ftpd_debug) |
| 1375 syslog(LOG_DEBUG, "command: %s", s); 1376 tmpline[0] = '\0'; 1377 return(s); 1378 } 1379 if (c == 0) 1380 tmpline[0] = '\0'; 1381 } 1382 while ((c = getc(iop)) != EOF) { --- 31 unchanged lines hidden (view full) --- 1414 } 1415 *cs++ = c; 1416 if (--n <= 0 || c == '\n') 1417 break; 1418 } 1419 if (c == EOF && cs == s) 1420 return (NULL); 1421 *cs++ = '\0'; | 1380 syslog(LOG_DEBUG, "command: %s", s); 1381 tmpline[0] = '\0'; 1382 return(s); 1383 } 1384 if (c == 0) 1385 tmpline[0] = '\0'; 1386 } 1387 while ((c = getc(iop)) != EOF) { --- 31 unchanged lines hidden (view full) --- 1419 } 1420 *cs++ = c; 1421 if (--n <= 0 || c == '\n') 1422 break; 1423 } 1424 if (c == EOF && cs == s) 1425 return (NULL); 1426 *cs++ = '\0'; |
| 1422 if (debug) { | 1427 if (ftpd_debug) { |
| 1423 if ((curclass.type != CLASS_GUEST && 1424 strncasecmp(s, "PASS ", 5) == 0) || 1425 strncasecmp(s, "ACCT ", 5) == 0) { 1426 /* Don't syslog passwords */ 1427 syslog(LOG_DEBUG, "command: %.4s ???", s); 1428 } else { 1429 char *cp; 1430 int len; --- 135 unchanged lines hidden (view full) --- 1566 cp = &cmdp[cpos]; 1567 n = strlen(cp); 1568 cpos += n - 1; 1569 /* 1570 * Make sure the string is nonempty and \n terminated. 1571 */ 1572 if (n > 1 && cmdp[cpos] == '\n') { 1573 cmdp[cpos] = '\0'; | 1428 if ((curclass.type != CLASS_GUEST && 1429 strncasecmp(s, "PASS ", 5) == 0) || 1430 strncasecmp(s, "ACCT ", 5) == 0) { 1431 /* Don't syslog passwords */ 1432 syslog(LOG_DEBUG, "command: %.4s ???", s); 1433 } else { 1434 char *cp; 1435 int len; --- 135 unchanged lines hidden (view full) --- 1571 cp = &cmdp[cpos]; 1572 n = strlen(cp); 1573 cpos += n - 1; 1574 /* 1575 * Make sure the string is nonempty and \n terminated. 1576 */ 1577 if (n > 1 && cmdp[cpos] == '\n') { 1578 cmdp[cpos] = '\0'; |
| 1574 yylval.s = xstrdup(cp); | 1579 yylval.s = ftpd_strdup(cp); |
| 1575 cmdp[cpos] = '\n'; 1576 state = ARGS; 1577 return (STRING); 1578 } 1579 break; 1580 1581 case NSTR: 1582 if (cmdp[cpos] == ' ') { 1583 cpos++; 1584 return (SP); 1585 } | 1580 cmdp[cpos] = '\n'; 1581 state = ARGS; 1582 return (STRING); 1583 } 1584 break; 1585 1586 case NSTR: 1587 if (cmdp[cpos] == ' ') { 1588 cpos++; 1589 return (SP); 1590 } |
| 1586 if (isdigit(cmdp[cpos])) { | 1591 if (isdigit((unsigned char)cmdp[cpos])) { |
| 1587 cp = &cmdp[cpos]; | 1592 cp = &cmdp[cpos]; |
| 1588 while (isdigit(cmdp[++cpos])) | 1593 while (isdigit((unsigned char)cmdp[++cpos])) |
| 1589 ; 1590 c = cmdp[cpos]; 1591 cmdp[cpos] = '\0'; 1592 yylval.u.i = atoi(cp); 1593 cmdp[cpos] = c; 1594 state = STR1; 1595 return (NUMBER); 1596 } 1597 state = STR1; 1598 goto dostr1; 1599 1600 case ARGS: | 1594 ; 1595 c = cmdp[cpos]; 1596 cmdp[cpos] = '\0'; 1597 yylval.u.i = atoi(cp); 1598 cmdp[cpos] = c; 1599 state = STR1; 1600 return (NUMBER); 1601 } 1602 state = STR1; 1603 goto dostr1; 1604 1605 case ARGS: |
| 1601 if (isdigit(cmdp[cpos])) { | 1606 if (isdigit((unsigned char)cmdp[cpos])) { |
| 1602 cp = &cmdp[cpos]; | 1607 cp = &cmdp[cpos]; |
| 1603 while (isdigit(cmdp[++cpos])) | 1608 while (isdigit((unsigned char)cmdp[++cpos])) |
| 1604 ; 1605 c = cmdp[cpos]; 1606 cmdp[cpos] = '\0'; 1607 yylval.u.i = atoi(cp); 1608 yylval.u.ll = STRTOLL(cp, (char **)NULL, 10); 1609 cmdp[cpos] = c; 1610 return (NUMBER); 1611 } 1612 if (strncasecmp(&cmdp[cpos], "ALL", 3) == 0 | 1609 ; 1610 c = cmdp[cpos]; 1611 cmdp[cpos] = '\0'; 1612 yylval.u.i = atoi(cp); 1613 yylval.u.ll = STRTOLL(cp, (char **)NULL, 10); 1614 cmdp[cpos] = c; 1615 return (NUMBER); 1616 } 1617 if (strncasecmp(&cmdp[cpos], "ALL", 3) == 0 |
| 1613 && !isalnum(cmdp[cpos + 3])) { | 1618 && !isalnum((unsigned char)cmdp[cpos + 3])) { |
| 1614 cpos += 3; 1615 return (ALL); 1616 } 1617 switch (cmdp[cpos++]) { 1618 1619 case '\n': 1620 state = EOLN; 1621 return (CRLF); --- 226 unchanged lines hidden --- | 1619 cpos += 3; 1620 return (ALL); 1621 } 1622 switch (cmdp[cpos++]) { 1623 1624 case '\n': 1625 state = EOLN; 1626 return (CRLF); --- 226 unchanged lines hidden --- |