This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: ftp.exe's bug found
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin at cygwin dot com
- Date: Mon, 19 Dec 2005 18:54:21 +0100
- Subject: Re: ftp.exe's bug found
- References: <200512190952.jBJ9qbla009680@null2root.org>
- Reply-to: cygwin at cygwin dot com
On Dec 19 18:52, saintlinu@null2root.org wrote:
> Dear list
>
> When I use ftp.exe in cygwin, connected to ftp server.
> and I just typed 'site AAAA%8x%8x%8x'
>
> then I faced a suspicious messege on the ftp server's information box
> like SITE AAAA 3212 2324 3241 414141 ...
>
> ftp.exe has format strings bug. right?
>
> I checked inetutils' source and I found
> there is no function that check arguments' validation right or not
>
> if you'll input a command like 'SITE AAAA%8x%8x%8x...%100c%n%200c%n'
> then get a file,'ftp.exe.stackdump'.
>
> please check this a little problem
Thanks, I've uploaded a new inetutils version.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/