1 ------------------------------------------------------------
3 revision-id: squid3@treenet.co.nz-20161130215630-c42qucqar9bi9a1k
4 parent: squid3@treenet.co.nz-20161130154205-c9z1bhqzuh3rafl3
5 fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4004
6 author: Christos Tsantilas <chtsanti@users.sourceforge.net>
7 committer: Amos Jeffries <squid3@treenet.co.nz>
9 timestamp: Thu 2016-12-01 10:56:30 +1300
11 Bug 4004 partial: Fix segfault via Ftp::Client::readControlReply
13 Added nil dereference checks for Ftp::Client::ctrl.conn, including:
14 - Ftp::Client::handlePasvReply() and handleEpsvReply() that dereference
15 ctrl.conn in DBG_IMPORTANT messages.
16 - Many functions inside FtpClient.cc and FtpGateway.cc files.
18 TODO: We need to find a better way to handle nil ctrl.conn. It is only
19 a matter of time when we forget to add another dereference check or
20 discover a place we missed during this change.
22 Also disabled forwarding of EPRT and PORT commands to origin servers.
23 Squid support for those commands is broken and their forwarding may
24 cause segfaults (bug #4004). Active FTP is still supported, of course.
26 This is a Measurement Factory project
27 ------------------------------------------------------------
28 # Bazaar merge directive format 2 (Bazaar 0.90)
29 # revision_id: squid3@treenet.co.nz-20161130215630-c42qucqar9bi9a1k
30 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
31 # testament_sha1: 345883c1b5a5cd221e9d0e68b254df7d955372ad
32 # timestamp: 2016-11-30 22:42:02 +0000
33 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
34 # base_revision_id: squid3@treenet.co.nz-20161130154205-\
38 === modified file 'src/clients/FtpClient.cc'
39 --- src/clients/FtpClient.cc 2016-08-05 14:59:33 +0000
40 +++ src/clients/FtpClient.cc 2016-11-30 21:56:30 +0000
43 debugs(9, 3, status());
45 + if (!Comm::IsConnOpen(ctrl.conn)) {
46 + debugs(9, 5, "The control connection to the remote end is closed");
51 debugs(9, 2, "PASV not supported by remote end");
55 debugs(9, 3, status());
57 + if (!Comm::IsConnOpen(ctrl.conn)) {
58 + debugs(9, 5, "The control connection to the remote end is closed");
62 if (code != 229 && code != 522) {
64 /* handle broken servers (RFC 2428 says OK code for EPSV MUST be 229 not 200) */
67 Ftp::Client::connectDataChannel()
69 + if (!Comm::IsConnOpen(ctrl.conn)) {
70 + debugs(9, 5, "The control connection to the remote end is closed");
74 safe_free(ctrl.last_command);
76 safe_free(ctrl.last_reply);
78 === modified file 'src/clients/FtpGateway.cc'
79 --- src/clients/FtpGateway.cc 2016-01-31 05:39:09 +0000
80 +++ src/clients/FtpGateway.cc 2016-11-30 21:56:30 +0000
82 static FTPSM ftpReadMdtm;
83 static FTPSM ftpSendSize;
84 static FTPSM ftpReadSize;
86 static FTPSM ftpSendEPRT;
88 static FTPSM ftpReadEPRT;
89 static FTPSM ftpSendPORT;
90 static FTPSM ftpReadPORT;
93 Ftp::Gateway::listenForDataChannel(const Comm::ConnectionPointer &conn)
95 + if (!Comm::IsConnOpen(ctrl.conn)) {
96 + debugs(9, 5, "The control connection to the remote end is closed");
100 assert(!Comm::IsConnOpen(data.conn));
102 typedef CommCbMemFunT<Gateway, CommAcceptCbParams> AcceptDialer;
103 @@ -1183,7 +1190,7 @@
107 - debugs(9, 5, HERE << "FD " << ctrl.conn->fd << " : host=" << request->GetHost() <<
108 + debugs(9, 5, "FD " << (ctrl.conn != NULL ? ctrl.conn->fd : -1) << " : host=" << request->GetHost() <<
109 ", path=" << request->urlpath << ", user=" << user << ", passwd=" << password);
111 Ftp::Client::start();
112 @@ -1750,7 +1757,9 @@
113 if (ftpState->handlePasvReply(srvAddr))
114 ftpState->connectDataChannel();
116 - ftpSendEPRT(ftpState);
118 + // Currently disabled, does not work correctly:
119 + // ftpSendEPRT(ftpState);
123 @@ -1790,6 +1799,11 @@
125 safe_free(ftpState->data.host);
127 + if (!Comm::IsConnOpen(ftpState->ctrl.conn)) {
128 + debugs(9, 5, "The control connection to the remote end is closed");
133 * Set up a listen socket on the same local address as the
134 * control connection.
135 @@ -1875,9 +1889,14 @@
136 ftpRestOrList(ftpState);
141 ftpSendEPRT(Ftp::Gateway * ftpState)
143 + /* check the server control channel is still available */
144 + if (!ftpState || !ftpState->haveControlChannel("ftpSendEPRT"))
147 if (Config.Ftp.epsv_all && ftpState->flags.epsv_all_sent) {
148 debugs(9, DBG_IMPORTANT, "FTP does not allow EPRT method after 'EPSV ALL' has been sent.");
150 @@ -1913,6 +1932,7 @@
151 ftpState->writeCommand(cbuf);
152 ftpState->state = Ftp::Client::SENT_EPRT;
157 ftpReadEPRT(Ftp::Gateway * ftpState)
158 @@ -1939,10 +1959,8 @@
162 - if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
163 - abortAll("entry aborted when accepting data conn");
164 - data.listenConn->close();
165 - data.listenConn = NULL;
166 + if (!Comm::IsConnOpen(ctrl.conn)) { /*Close handlers will cleanup*/
167 + debugs(9, 5, "The control connection to the remote end is closed");
171 @@ -1955,6 +1973,14 @@
175 + if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
176 + abortAll("entry aborted when accepting data conn");
177 + data.listenConn->close();
178 + data.listenConn = NULL;
183 /* data listening conn is no longer even open. abort. */
184 if (!Comm::IsConnOpen(data.listenConn)) {
185 data.listenConn = NULL; // ensure that it's cleared and not just closed.
186 @@ -2705,8 +2731,8 @@
187 Ftp::Gateway::completeForwarding()
189 if (fwd == NULL || flags.completed_forwarding) {
190 - debugs(9, 3, HERE << "completeForwarding avoids " <<
191 - "double-complete on FD " << ctrl.conn->fd << ", Data FD " << data.conn->fd <<
192 + debugs(9, 3, "avoid double-complete on FD " <<
193 + (ctrl.conn != NULL ? ctrl.conn->fd : -1) << ", Data FD " << data.conn->fd <<
194 ", this " << this << ", fwd " << fwd);