Overview

File CVE-2024-48208.patch of Package pure-ftpd

From 2bbe0f25c6b905044803649a29df5f765f940b91 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Fri, 25 Oct 2024 10:20:24 +0200
Subject: [PATCH] Fix code similar to the one fixed in 350d66fbbd6

Noticed by @StayPirate, thanks!
---
 src/ls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ls.c b/src/ls.c
index 9063646..94150ad 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -972,8 +972,8 @@ void donlst(const char *base)
 
     if (*base != 0 && chdir(base) != 0) {
         if (*base++ == '-') {
-            while (!isspace((unsigned char) *base++));
-            while (isspace((unsigned char) *base++));
+            while (*base != 0 && !isspace((unsigned char) *base++));
+            while (*base != 0 && isspace((unsigned char) *base++));
             if (*base != 0 && chdir(base) != 0) {
                 addreply_noformat(550, MSG_STAT_FAILURE2);
                 return;
openSUSE Build Service is sponsored by
Places