Closed
Bug 266835
Opened 20 years ago
Closed 20 years ago
Sends wrong FTP password for anonymous:userpasswd@server
Categories
(Core Graveyard :: Networking: FTP, defect)
Core Graveyard
Networking: FTP
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: glandium, Assigned: mcsmurf)
References
Details
Attachments
(2 files, 3 obsolete files)
1.77 KB,
patch
|
mcsmurf
:
review+
darin.moz
:
superreview+
|
Details | Diff | Splinter Review |
2.20 KB,
patch
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041028 Firefox/1.0RC1 (Debian package 0.99.0+1.0RC1-1) Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041028 Firefox/1.0RC1 (Debian package 0.99.0+1.0RC1-1) [Bug first reported here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=226784 ] Copy-Paste from the original report: I recently discovered that this program has a bug with sending the correct password specified by user using the server:passwd syntax if the username is "anonymous". I know that having a password for anonymous FTP user is a bit unusual, though the program should work correctly in this case and not blindly ignore what the user has entered and send some other password string instead. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Assignee | ||
Comment 1•20 years ago
|
||
Note: I don't know if this patch is correct or perfect or if it complies with the RfCs, but it's a patch that should fix this bug ;-)!
Assignee | ||
Updated•20 years ago
|
Attachment #163984 -
Flags: review?(darin)
Comment 2•20 years ago
|
||
> Note: I don't know if this patch is correct
It's not. It leaks anonPassword when mPassword is set. Switch to nsXPIDLCString?
Other than that, looks ok...
Assignee | ||
Updated•20 years ago
|
Attachment #163984 -
Flags: review?(darin)
Assignee | ||
Comment 3•20 years ago
|
||
Attachment #163984 -
Attachment is obsolete: true
Assignee | ||
Comment 4•20 years ago
|
||
Assignee | ||
Updated•20 years ago
|
Attachment #164553 -
Attachment is obsolete: true
Assignee | ||
Updated•20 years ago
|
Attachment #164555 -
Flags: review?(darin)
Reporter | ||
Comment 5•20 years ago
|
||
The last patch doesn't work on firefox 1.0rc2: nsFtpConnectionThread.cpp: In member function `nsresult nsFtpState::S_pass()': nsFtpConnectionThread.cpp:1067: error: `AppendLiteral' undeclared (first use this function) nsFtpConnectionThread.cpp:1067: error: (Each undeclared identifier is reported only once for each function it appears in.) I guess changing AppendLiteral by Append does the trick.
Assignee | ||
Comment 6•20 years ago
|
||
(In reply to comment #5) > The last patch doesn't work on firefox 1.0rc2: [...] Yes, this patch was never intended to work with Firefox. But yes, if this ever should go into Aviary branch (for FF 1.0.1 then?) AppendLiteral can be changed to Append.
Comment 7•20 years ago
|
||
Frank, anonPassword is not a literal, so you can't call AppendLiteral on it. On modern enough compilers that simply won't build. You want to call AppendASCII if you're sure that the string is ASCII. In this case, I doubt it has to be ascii. In fact, it's worth checking how it's stored; you may need to get it as a WString and do a UTF16-to-UTF8 conversion or something...
Comment 8•20 years ago
|
||
>You want to call AppendASCII if you're sure that the string is ASCII. In this
>case, I doubt it has to be ascii.
it comes from prefs. GetCharPref uses ASCII. (it may work with UTF-8, but its
interface only guarantees ASCII)
I doubt it's worth getting a wstring out of prefs here... behaviour of nonascii
ftp passwords is not really defined anyway, afaik...
OS: Linux → All
Hardware: PC → All
Assignee | ||
Comment 9•20 years ago
|
||
Attachment #164555 -
Attachment is obsolete: true
Assignee | ||
Comment 10•20 years ago
|
||
Assignee | ||
Updated•20 years ago
|
Attachment #164555 -
Flags: review?(darin)
Assignee | ||
Comment 11•20 years ago
|
||
Comment on attachment 164794 [details] [diff] [review] Patch 4 (diff -uw) r=biesi per irc
Attachment #164794 -
Flags: superreview?(darin)
Attachment #164794 -
Flags: review+
Updated•20 years ago
|
Attachment #164794 -
Flags: superreview?(darin) → superreview+
Assignee | ||
Updated•20 years ago
|
Assignee: dougt → bugzilla
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assignee | ||
Comment 12•20 years ago
|
||
Patch 4 (diff -u) has been checked in: 2004-11-06 08:57 bmlk%gmx.de mozilla/ netwerk/ protocol/ ftp/ src/ nsFtpConnectionThread.cpp 1.290 19/16 send user/pref specified password if specified instead of default password for anonymous ftp, bug 266835 p= Frank Wein, r=biesi, sr=darin"
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 13•20 years ago
|
||
Could you provide a patch for firefox ?
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 14•20 years ago
|
||
this patch also fixes firefox.
Status: REOPENED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 15•20 years ago
|
||
No, it doesn't, because there's no AppendLiteral nor AppendASCII in firefox.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 16•20 years ago
|
||
there is AppendASCII and AppendLiteral in firefox, since firefox uses the same gecko as mozilla. now should you mean the aviary 1.0 branch, indeed, there is neither of those there. you can use Append. to my knowledge, on that branch only crash and security fixes are accepted at this point, though. (according to http://blog.ebrahim.org/archives/2004/11/06/firefox_10_on_track_relnote_nomination.php) please stop reopening bugs just for branch landings.
Status: REOPENED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → FIXED
Comment 17•20 years ago
|
||
Comment on attachment 164794 [details] [diff] [review] Patch 4 (diff -uw) >+ passwordStr.AppendASCII(anonPassword); Why are we using AppendASCII on nsCSubtrings?
Comment 18•20 years ago
|
||
(In reply to comment #17) > (From update of attachment 164794 [details] [diff] [review]) > >+ passwordStr.AppendASCII(anonPassword); > Why are we using AppendASCII on nsCSubtrings? why not? :-) although now that you mention it, why do we have it on non-wide strings?
So that wide strings and 8-bit strings have the same API
Comment 20•19 years ago
|
||
*** Bug 292600 has been marked as a duplicate of this bug. ***
Updated•3 months ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•