php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #12344 Handling of multiples responses in ftp client is buggy
Submitted: 2001-07-24 13:17 UTC Modified: 2002-07-10 22:59 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: at at rominet dot net Assigned:
Status: Closed Package: FTP related
PHP Version: 4.0.6 OS: FreeBSD 4.3-RELEASE
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: at at rominet dot net
New email:
PHP Version: OS:

 

 [2001-07-24 13:17 UTC] at at rominet dot net
When doing FTP on localhost with small files, "236 Transfer complete" response is sent in the same TCP segment as "150 Opening ...". Decoding of multiple response in same my_recv() is buggy, because buffer is shifted after numerical code compute, but ->extra data is not shifted, resulting in a timeout because response is never read.

This patch fixes this problem. This patch implements  too ftp_quit() properly (actual code was never called).

There is also a problem if ftp_fget relating to error handling.

I don't know if this fucking textarea will permit to properly insert a patch, you can get it at 
http://www.rominet.net/~at/php-4.0.6.ftp.patch

diff -ru php-4.0.6/ext/ftp/ftp.c php-4.0.6.patched/ext/ftp/ftp.c
--- php-4.0.6/ext/ftp/ftp.c     Fri Nov  3 22:53:24 2000
+++ php-4.0.6.patched/ext/ftp/ftp.c     Tue Jul 24 19:12:17 2001
@@ -841,6 +841,7 @@
                        (ftp->inbuf[2] - '0');
 
        memmove(ftp->inbuf, ftp->inbuf + 4, FTP_BUFSIZE - 4);
+        if (ftp->extra) ftp->extra-=4;
 
        return 1;
 }
diff -ru php-4.0.6/ext/ftp/php_ftp.c php-4.0.6.patched/ext/ftp/php_ftp.c
--- php-4.0.6/ext/ftp/php_ftp.c Thu May 24 14:41:51 2001
+++ php-4.0.6.patched/ext/ftp/php_ftp.c Tue Jul 24 18:43:59 2001
@@ -512,7 +512,7 @@
        convert_to_string(arg3);
        XTYPE(xtype, arg4);
 
-       if (!ftp_get(ftp, fp, Z_STRVAL_P(arg3), xtype) || ferror(fp)) {
+       if (!ftp_get(ftp, fp, Z_STRVAL_P(arg3), xtype)) {
                php_error(E_WARNING, "ftp_get: %s", ftp->inbuf);
                RETURN_FALSE;
        }
@@ -847,6 +847,7 @@
 {
        pval            *arg1;
        int             id, type;
+       ftpbuf_t        *ftp;
 
        /* arg1 - ftp
         */
@@ -855,8 +856,11 @@
        }
 
        id = Z_LVAL_P(arg1);
-       if (zend_list_find(id, &type) && type == le_ftpbuf)
+       if (zend_list_find(id, &type) && type == le_ftpbuf) {
+               FTPBUF(ftp, arg1);
+                ftp_quit(ftp);
                zend_list_delete(id);
+        }
 
        RETURN_TRUE;
 }

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-10 22:59 UTC] sniper@php.net
This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 13 04:01:27 2024 UTC