File vsftpd-2.3.2-excessive-cpu-usage.patch of Package vsftpd.import4116
Index: vsftpd-2.3.2/access.c
===================================================================
--- vsftpd-2.3.2.orig/access.c 2011-03-07 15:35:00.634054997 +0100
+++ vsftpd-2.3.2/access.c 2011-03-07 15:36:04.806572058 +0100
@@ -16,6 +16,7 @@
vsf_access_check_file(const struct mystr* p_filename_str)
{
static struct mystr s_access_str;
+ unsigned int iters = 0;
if (!tunable_deny_file)
{
@@ -25,7 +26,7 @@
{
str_alloc_text(&s_access_str, tunable_deny_file);
}
- if (vsf_filename_passes_filter(p_filename_str, &s_access_str))
+ if (vsf_filename_passes_filter(p_filename_str, &s_access_str, &iters))
{
return 0;
}
@@ -45,6 +46,7 @@
vsf_access_check_file_visible(const struct mystr* p_filename_str)
{
static struct mystr s_access_str;
+ unsigned int iters = 0;
if (!tunable_hide_file)
{
@@ -54,7 +56,7 @@
{
str_alloc_text(&s_access_str, tunable_hide_file);
}
- if (vsf_filename_passes_filter(p_filename_str, &s_access_str))
+ if (vsf_filename_passes_filter(p_filename_str, &s_access_str, &iters))
{
return 0;
}
Index: vsftpd-2.3.2/defs.h
===================================================================
--- vsftpd-2.3.2.orig/defs.h 2011-03-07 15:35:00.634054997 +0100
+++ vsftpd-2.3.2/defs.h 2011-03-07 15:36:04.807572097 +0100
@@ -10,6 +10,7 @@
#define VSFTP_MAX_COMMAND_LINE 4096
#define VSFTP_DATA_BUFSIZE 65536
#define VSFTP_DIR_BUFSIZE 16384
+#define VSFTP_MATCHITERS_MAX 1000
#define VSFTP_PATH_MAX 4096
#define VSFTP_CONF_FILE_MAX 100000
#define VSFTP_LISTEN_BACKLOG 32
Index: vsftpd-2.3.2/ftpdataio.c
===================================================================
--- vsftpd-2.3.2.orig/ftpdataio.c 2011-03-07 15:35:00.634054997 +0100
+++ vsftpd-2.3.2/ftpdataio.c 2011-03-07 15:36:04.842573470 +0100
@@ -116,7 +116,6 @@
else if (remote_fd == -2)
{
vsf_cmdio_write(p_sess, FTP_BADSENDCONN, "Security: Bad IP connecting.");
- vsf_sysutil_close(remote_fd);
return -1;
}
init_data_sock_params(p_sess, remote_fd);
@@ -364,6 +363,7 @@
if (retval != 0)
{
failed = 1;
+ vsf_sysutil_closedir(p_subdir);
break;
}
retval = transfer_dir_internal(p_sess, is_control, p_subdir, &sub_str,
Index: vsftpd-2.3.2/ls.c
===================================================================
--- vsftpd-2.3.2.orig/ls.c 2011-03-07 15:35:00.634054997 +0100
+++ vsftpd-2.3.2/ls.c 2011-03-07 15:36:04.892575431 +0100
@@ -9,6 +9,7 @@
#include "ls.h"
#include "access.h"
+#include "defs.h"
#include "str.h"
#include "strlist.h"
#include "sysstr.h"
@@ -118,7 +119,9 @@
/* If we have an ls option which is a filter, apply it */
if (!str_isempty(p_filter_str))
{
- if (!vsf_filename_passes_filter(&s_next_filename_str, p_filter_str))
+ unsigned int iters = 0;
+ if (!vsf_filename_passes_filter(&s_next_filename_str, p_filter_str,
+ &iters))
{
continue;
}
@@ -217,7 +220,8 @@
int
vsf_filename_passes_filter(const struct mystr* p_filename_str,
- const struct mystr* p_filter_str)
+ const struct mystr* p_filter_str,
+ unsigned int* iters)
{
/* A simple routine to match a filename against a pattern.
* This routine is used instead of e.g. fnmatch(3), because we should be
@@ -244,12 +248,13 @@
str_copy(&filter_remain_str, p_filter_str);
str_copy(&name_remain_str, p_filename_str);
- while (!str_isempty(&filter_remain_str))
+ while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX)
{
static struct mystr s_match_needed_str;
/* Locate next special token */
struct str_locate_result locate_result =
str_locate_chars(&filter_remain_str, "*?{");
+ (*iters)++;
/* Isolate text leading up to token (if any) - needs to be matched */
if (locate_result.found)
{
@@ -313,7 +318,8 @@
{
str_copy(&new_filter_str, &brace_list_str);
str_append_str(&new_filter_str, &filter_remain_str);
- if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str))
+ if (vsf_filename_passes_filter(&name_remain_str, &new_filter_str,
+ iters))
{
ret = 1;
goto out;
@@ -349,6 +355,9 @@
}
/* OK, a match */
ret = 1;
+ if (*iters == VSFTP_MATCHITERS_MAX) {
+ ret = 0;
+ }
out:
str_free(&filter_remain_str);
str_free(&name_remain_str);
Index: vsftpd-2.3.2/ls.h
===================================================================
--- vsftpd-2.3.2.orig/ls.h 2011-03-07 15:35:00.635055037 +0100
+++ vsftpd-2.3.2/ls.h 2011-03-07 15:36:04.916576372 +0100
@@ -35,11 +35,14 @@
* PARAMETERS
* p_filename_str - the filename to match
* p_filter_str - the filter to match against
+ * iters - pointer to a zero-seeded int which prevents the match
+ * loop from running an excessive number of times
* RETURNS
* Returns 1 if there is a match, 0 otherwise.
*/
int vsf_filename_passes_filter(const struct mystr* p_filename_str,
- const struct mystr* p_filter_str);
+ const struct mystr* p_filter_str,
+ unsigned int* iters);
#endif /* VSF_LS_H */
Index: vsftpd-2.3.2/sysutil.c
===================================================================
--- vsftpd-2.3.2.orig/sysutil.c 2011-03-07 15:35:00.635055037 +0100
+++ vsftpd-2.3.2/sysutil.c 2011-03-07 15:36:04.942577392 +0100
@@ -2013,7 +2013,7 @@
static struct vsf_sysutil_sockaddr* s_p_sockaddr;
vsf_sysutil_sockaddr_alloc_ipv4(&s_p_sockaddr);
vsf_sysutil_memcpy(&s_p_sockaddr->u.u_sockaddr_in.sin_addr, p_raw,
- sizeof(&s_p_sockaddr->u.u_sockaddr_in.sin_addr));
+ sizeof(s_p_sockaddr->u.u_sockaddr_in.sin_addr));
vsf_sysutil_memcpy(&p_sockptr->u.u_sockaddr_in6.sin6_addr,
vsf_sysutil_sockaddr_ipv4_v6(s_p_sockaddr),
sizeof(p_sockptr->u.u_sockaddr_in6.sin6_addr));
