[squid-dev] [PATCH] Segfault via Ftp::Client::readControlReply.

Christos Tsantilas christos at chtsanti.net
Fri Nov 11 16:36:58 UTC 2016

The patch applied to trunk as r14936 and r14937.
I am attaching a patch for squid-3.5 release.

On 11/11/2016 07:37 AM, Amos Jeffries wrote:
> On 11/11/2016 6:03 a.m., Christos Tsantilas wrote:
>> Added nil dereference checks for Ftp::Client::ctrl.conn, including:
>> - Ftp::Client::handlePasvReply() and handleEpsvReply() that dereference
>> ctrl.conn in DBG_IMPORTANT messages.
>> - Many functions inside FtpClient.cc and FtpGateway.cc files.
>> TODO: We need to find a better way to handle nil ctrl.conn. It is only a
>> matter of time when we forget to add another dereference check or
>> discover a place we missed during this change.
>> Also disabled forwarding of EPRT and PORT commands to origin servers.
>> Squid support for those commands is broken and their forwarding may
>> cause segfaults (bug #4004). Active FTP is still supported, of course.
>> This is a Measurement Factory project.
> in ftpReadPasv()
> - please leave the ftpSendEPRT where it was (but comment out). As-is
> this will just add a new Coverity issue about dead/unreachable code.
> in completeForwarding()
> - sic you are changing the debugs line please polish it all up to remove
> the HERE
>  - also s/completeForwarding avoids /avoid /
> +1 with the above polish.
> pPS. please remember to apply on the squid-5 branchnow, not trunk or v4.
> Amos
> _______________________________________________
> squid-dev mailing list
> squid-dev at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: SQUID-233-Squid_Segfault_via_Ftp_Client_readControlReply-squid-3.5-t5.patch
Type: text/x-patch
Size: 17890 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20161111/4b34cfa8/attachment.bin>

More information about the squid-dev mailing list