This repository has been archived by the owner on Jul 4, 2023. It is now read-only.
Long value in .netrc cause segmentation fault #40
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
the ftp command read the .netrc file at every login attempt trying to find a matching authentication.
However, this file is shared among many other process, some that now require the usage of authentication token, which can be very long (up to 256 characters).
If one of such entry is present in the .netrc file, ftp will crash with a segmentation fault until the entry is removed from .netrc, even if the entry is not used by ftp.
Any field (machine, login, password) that is longer than 103 characters will trigger the segmentation fault.
How to reproduce:
1- Create a .netrc file in your home directory.
2- Put an entry with any file longer than 103 characters. Ex:
machine ftp.example.org login anonymous password 0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012
3- Try to login to any FTP. You will be able to log in.
4- Increase the password by ONE character. Ex:
machine ftp.example.org login anonymous password 01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123
5- Try to log in: Segmentation Fault.
The text was updated successfully, but these errors were encountered: