On 22 June 1998, Mike Gleason <mgleasonat_private> wrote: [...] > As for this particular bug, it crashes because ncftp 2.x was trying to > copy from a NULL pointer. So, no buffer exploit. Version 3 (still > beta) handles it just fine. The official gospel is to upgrade to > version 3, since the bug doesn't occur naturally in the wild. [...] However, some people might still want to stick with version 2.4.3, since a few useful (IMHO) features have been removed along the way to version 3. :-) So here's a simple fix, for the sake of the old days: --- Cmds.c.old Fri Mar 20 04:02:07 1998 +++ Cmds.c Tue Jun 23 19:15:53 1998 @@ -241,7 +241,7 @@ * if we can parse out the new directory without * doing a PWD command. */ - if (cwdrp != NULL) { + if (cwdrp != NULL && cwdrp->msg.first != NULL) { /* "xxxx" is new cwd. * Strip out just the xxxx to copy into the remote cwd. */ Regards, Liviu -- Dr. Liviu Daia e-mail: daiaat_private Institute of Mathematics web page: http://www.imar.ro/~daia of the Romanian Academy PGP key: finger daiaat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:13 PDT