authorTimo Teräs <timo.teras@iki.fi>2018-09-05 10:32:00 +0300
committerTimo Teräs <timo.teras@iki.fi>2018-09-05 10:32:00 +0300
commite4f54cfe6681b301fb32b455cb9bbab24d97c0f4 (patch)
tree8d9636ed54aa204bc257817f9029fbaa28ac73c3
parent7b654e125461b00bc26e52b25e6a7be3a32c11b9 (diff)
libfetch: do not give out user/hostname as ftp anonymous password
Deriving the anonymous FTP password from the local login name and hostname discloses that information to the remote server, which is unwanted. Reported-by: Max Justicz <max@justi.cz>
-rw-r--r--libfetch/ftp.c20
1 files changed, 5 insertions, 15 deletions
diff --git a/libfetch/ftp.c b/libfetch/ftp.c
index 6caadf2..80f77d9 100644
--- a/libfetch/ftp.c
+++ b/libfetch/ftp.c
@@ -79,6 +79,7 @@
static int ftp_cmd(conn_t *, const char *, ...) LIBFETCH_PRINTFLIKE(2, 3);
#define FTP_ANONYMOUS_USER "anonymous"
+#define FTP_ANONYMOUS_PASSWORD "anonymous"
#define FTP_CONNECTION_ALREADY_OPEN 125
#define FTP_OPEN_DATA_CONNECTION 150
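Review bot: `FTP_ANONYMOUS_PASSWORD` is introduced as a bare literal with no explanation of why a fixed string is used instead of the mailbox-style `user@host` value that FTP clients conventionally send for anonymous logins, so the rationale lives only in the commit message. A one-line comment next to the define would keep it with the code: `/* Fixed on purpose: a login@hostname password would disclose the local user and host to the server. */`. Whether every FTP server accepts a non-mailbox anonymous password cannot be judged from this hunk; "anonymous" is widely accepted in practice, but that is an assumption to confirm against the targets apk-tools talks to.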
@@ -959,9 +960,8 @@ ouch:
static int
ftp_authenticate(conn_t *conn, struct url *url, struct url *purl)
{
- const char *user, *pwd, *login_name;
- char pbuf[URL_USERLEN + 1 + URL_HOSTLEN + 1];
- int e, len;
+ const char *user, *pwd;
+ int e;
/* XXX FTP_AUTH, and maybe .netrc */
@@ -985,18 +985,8 @@ ftp_authenticate(conn_t *conn, struct url *url, struct url *purl)
pwd = url->pwd;
if (*pwd == '\0')
pwd = getenv("FTP_PASSWORD");
- if (pwd == NULL || *pwd == '\0') {
- if ((login_name = getlogin()) == 0)
- login_name = FTP_ANONYMOUS_USER;
- if ((len = snprintf(pbuf, URL_USERLEN + 2, "%s@", login_name)) < 0)
- len = 0;
- else if (len > URL_USERLEN + 1)
- len = URL_USERLEN + 1;
- gethostname(pbuf + len, sizeof(pbuf) - len);
- /* MAXHOSTNAMELEN can differ from URL_HOSTLEN + 1 */
- pbuf[sizeof(pbuf) - 1] = '\0';
- pwd = pbuf;
- }
+ if (pwd == NULL || *pwd == '\0')
+ pwd = FTP_ANONYMOUS_PASSWORD;
e = ftp_cmd(conn, "PASS %s\r\n", pwd);
}
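Review bot: The new fallback `pwd = FTP_ANONYMOUS_PASSWORD;` carries no comment, so a later maintainer could plausibly "restore" the conventional login@host anonymous password and reintroduce exactly the disclosure this commit removes; I would add `/* Never derive this from getlogin()/gethostname(): it leaks local identity to the server. */` above the `if`. With the removal of the `pbuf` code, `getlogin()` and `gethostname()` no longer appear in this function; if they were the only users in ftp.c the matching header include may now be dead, which I cannot confirm from the hunk. The hunk does not show how `user` is chosen earlier in ftp_authenticate (the function starts before and continues after this hunk); if that path also falls back to getlogin() for the anonymous case it warrants the same scrutiny, since the user name is sent to the server just as the password is.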