Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL

Daniel (19 January 2005)

- Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL

  contains %0a or %0d in the user, password or CWD parts. (A future fix would

  include doing it for %00 as well - see KNOWN_BUGS for details.) Test case

  225 and 226 were added to verify this

- Stephan Bergmann pointed out two flaws in libcurl built with HTTP disabled:

  1) the proxy environment variables are still read and used to set HTTP proxy

  2) you couldn't disable http proxy with CURLOPT_PROXY (since the option was

     disabled)

     disabled). This is important since apps may want to disable HTTP proxy

     without actually knowing if libcurl was built to disable HTTP or not.

  Based on Stephan's patch, both these issues should now be fixed.

changelog of the current development status, as one or more of these problems

may have been fixed since this was written!

* FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 <user>,

  <password>, and <fpath> components, encoded as "%00".  The problem is that

  curl_unescape does not detect this, but instead returns a shortened C

  string.  From a strict FTP protocol standpoint, NUL is a valid character

  within RFC 959 <string>, so the way to handle this correctly in curl would

  be to use a data structure other than a plain C string, one that can handle

  embedded NUL characters.  From a practical standpoint, most FTP servers

  would not meaningfully support NUL characters within RFC 959 <string>,

  anyway (e.g., UNIX pathnames may not contain NUL).

* Test case 241 fails on all systems that support IPv6 but that don't have the

  host name 'ip6-localhost' in /etc/hosts (or similar) since the test case

  uses that host name to test the IPv6 name to address resolver.

 FTP

 * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in

   the process to avoid doing a resolve and connect in vain.

 * Code overhaul to make it more state-machine like and to _never_ block on

   waiting for server responses when used with the multi interface.

  }

}

/* Returns non-zero iff the given string contains CR (0x0D) or LF (0x0A), which

   are not allowed within RFC 959 <string>.

 */

static bool isBadFtpString(const char *string)

{

  return strchr(string, 0x0D) != NULL || strchr(string, 0x0A) != NULL;

}

/***********************************************************************

 *

 * AllowServerConnect()

  /* no need to duplicate them, this connectdata struct won't change */

  ftp->user = conn->user;

  ftp->passwd = conn->passwd;

  if (isBadFtpString(ftp->user) || isBadFtpString(ftp->passwd)) {

    return CURLE_URL_MALFORMAT;

  }

  ftp->response_time = 3600; /* set default response time-out */

#ifndef CURL_DISABLE_HTTP

        freedirs(ftp);

        return CURLE_OUT_OF_MEMORY;

      }

      if (isBadFtpString(ftp->dirs[ftp->dirdepth])) {

        freedirs(ftp);

        return CURLE_URL_MALFORMAT;

      }

    }

    else {

      cur_pos = slash_pos + 1; /* jump to the rest of the string */

      failf(data, "no memory");

      return CURLE_OUT_OF_MEMORY;

    }

    if (isBadFtpString(ftp->file)) {

      freedirs(ftp);

      return CURLE_URL_MALFORMAT;

    }

  }

  else

    ftp->file=NULL; /* instead of point to a zero byte, we make it a NULL

 test517 test518 test210 test211 test212 test220 test221 test222	\

 test223 test224 test206 test207 test208 test209 test213 test240	\

 test241 test242 test519 test214 test215 test216 test217 test218	\

 test199

 test199 test225

# The following tests have been removed from the dist since they no longer

# work. We need to fix the test suite's FTPS server first, then bring them