Deny the SIZE command on large files when in ASCII mode.

This eliminates an opportunity for DoS attack. Pointed out by: maxim Inspired by: lukemftpd, OpenBSD MFC after: 2 weeks
svn path=/head/; revision=101034
2002-07-31 10:55:31 +00:00 · 2002-07-31 10:55:31 +00:00 · 781cfb9348 · 2020-12-20 02:59:44 +00:00
commit 781cfb9348
parent 5e33115f05
1 changed files with 6 additions and 0 deletions
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@ -1068,6 +1068,8 @@ check_login_ro

 #define	MAXGLOBARGS	1000

+#define	MAXASIZE	10240	/* Deny ASCII SIZE on files larger than that */
+
 struct tab {
 	char	*name;
 	short	token;
@ -1589,6 +1591,10 @@ sizecmd(char *filename)
 			reply(550, "%s: not a plain file.", filename);
 			(void) fclose(fin);
 			return;
+		} else if (stbuf.st_size > MAXASIZE) {
+			reply(550, "%s: too large for type A SIZE.", filename);
+			(void) fclose(fin);
+			return;
 		}

 		count = 0;