mirror of
https://github.com/curl/curl.git
synced 2024-12-15 06:40:09 +08:00
769647e714
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
45 lines
800 B
Plaintext
45 lines
800 B
Plaintext
<testcase>
|
|
<info>
|
|
<keywords>
|
|
FTP
|
|
</keywords>
|
|
</info>
|
|
|
|
# Server-side
|
|
<reply>
|
|
<servercmd>
|
|
REPLY PASV 227 Entering Passiv Mode (1216,256,2,127,127,127)
|
|
</servercmd>
|
|
</reply>
|
|
|
|
# Client-side
|
|
<client>
|
|
<server>
|
|
ftp
|
|
</server>
|
|
<name>
|
|
FTP getting bad host in 227-response to PASV
|
|
</name>
|
|
<command>
|
|
ftp://%HOSTIP:%FTPPORT/237 --disable-epsv
|
|
</command>
|
|
</client>
|
|
|
|
# Verify data after the test has been "shot"
|
|
# The bogus address used here is chosen specifically so that when processed on
|
|
# certain hosts with buggy resolver code, the resulting address (192.0.2.127)
|
|
# is from an address block that is guaranteed never to be assigned (RFC3330).
|
|
<verify>
|
|
# 14 = CURLE_FTP_WEIRD_227_FORMAT
|
|
<errorcode>
|
|
14
|
|
</errorcode>
|
|
<protocol>
|
|
USER anonymous
|
|
PASS ftp@example.com
|
|
PWD
|
|
PASV
|
|
</protocol>
|
|
</verify>
|
|
</testcase>
|