Package: wu-ftpd
Version: 2.6.2-27
Severity: important

The SIZE command implementation within wu-ftpd does not use the right printf() format for stat.st_size. In this case the bits of stat.st_size are truncated and the result is not what we expect to see.
I've created a patch and tested it on i386 and PowerPC successfully.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.21-2-k7 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wu-ftpd depends on:
ii  debconf [debconf-2.0]  1.5.13   Debian configuration management sy
ii  debianutils            2.22.1   Miscellaneous utilities specific t
ii  libc6                  2.6-2    GNU C Library: Shared libraries
ii  libpam0g               0.79-4   Pluggable Authentication Modules l
ii  netbase                4.29     Basic TCP/IP networking system
ii  perl [perl5]           5.8.8-7  Larry Wall's Practical Extraction

wu-ftpd recommends no packages.

-- debconf information excluded
diff -Naur wu-ftpd-2.6.2.orig/src/config/config.nbs wu-ftpd-2.6.2/src/config/config.nbs --- wu-ftpd-2.6.2.orig/src/config/config.nbs 2000-07-01 20:03:07.000000000 +0200 +++ wu-ftpd-2.6.2/src/config/config.nbs 2007-07-18 14:29:50.000000000 +0200 @@ -48,7 +48,7 @@ #undef SHADOW_PASSWORD #undef USG #define VIRTUAL -#define OFFSET_SIZE 8 +#undef OFFSET_SIZE #define USE_VAR #undef USE_PID #define VAR_RUN diff -Naur wu-ftpd-2.6.2.orig/src/ftpcmd.y wu-ftpd-2.6.2/src/ftpcmd.y --- wu-ftpd-2.6.2.orig/src/ftpcmd.y 2007-07-19 09:41:18.000000000 +0200 +++ wu-ftpd-2.6.2/src/ftpcmd.y 2007-07-19 09:28:14.000000000 +0200 @@ -1761,16 +1761,16 @@ if (stat(filename, &stbuf) < 0 || (stbuf.st_mode & S_IFMT) != S_IFREG) reply(550, "%s: not a plain file.", filename); - else -#if OFFSET_SIZE == 8 - reply(213, "%qu", stbuf.st_size); -#else -#ifdef _AIX42 - reply(213, "%llu", stbuf.st_size); -#else - reply(213, "%lu", stbuf.st_size); -#endif -#endif + else{ + if (sizeof(stbuf.st_size) <= sizeof(unsigned int)) + reply(213, "%u", stbuf.st_size); + else if (sizeof(stbuf.st_size) <= sizeof(unsigned long int)) + reply(213, "%lu", stbuf.st_size); + else if (sizeof(stbuf.st_size) <= sizeof(unsigned long long int)) + reply(213, "%llu", stbuf.st_size); + else + reply(504, "Size of file %s out of range.", filename); + } break; } case TYPE_A:{
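Review bot: The config.nbs hunk replaces "#define OFFSET_SIZE 8" with "#undef OFFSET_SIZE" without any explanation, and the ftpcmd.y hunk already removes the "#if OFFSET_SIZE == 8" test from the SIZE handler, so the fix does not depend on it. If any other code still tests OFFSET_SIZE, this silently changes its behaviour on the platform that uses config.nbs. Either drop this hunk or state in the report why the macro has to go and which platform the file belongs to, since the testing described covers only i386 and PowerPC.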
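Review bot: In the ftpcmd.y hunk, the new sizeof() chain in the else branch picks a conversion by width but still passes stbuf.st_size uncast, so the argument type matches the format only by coincidence of size, and the branches not taken still contain mismatched format/argument pairs that a format-checking compiler will warn about. A single call with an explicit cast, for example reply(213, "%llu", (unsigned long long) stbuf.st_size);, removes the chain and makes the argument agree with the conversion on every platform. The 504 "out of range" branch then has no purpose, since it can only be reached if st_size is wider than unsigned long long. Minor style point: "else{" should be "else {" to match the surrounding code.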
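The truncation described in the report, as an added example that is not part of the original report or of wu-ftpd. The function names are hypothetical, int64_t stands in for a 64-bit st_size, and the bug is modelled by explicitly keeping the low 32 bits, because the real format/argument mismatch is undefined behaviour and its result depends on the platform.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Correct form: widen the size to uintmax_t and use the matching %ju
 * conversion, so format and argument agree whatever width off_t has.
 * Returns 0 on success, -1 on a negative size or a too-small buffer. */
int size_reply(char *buf, size_t len, int64_t st_size)
{
    if (st_size < 0)
        return -1;
    int n = snprintf(buf, len, "213 %ju", (uintmax_t)st_size);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Model of the bug: a 32-bit conversion applied to a 64-bit size.
 * Only the low 32 bits survive (an assumption made for the model). */
int size_reply_truncated(char *buf, size_t len, int64_t st_size)
{
    unsigned long low = (unsigned long)(uint32_t)st_size;
    int n = snprintf(buf, len, "213 %lu", low);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample: a 5 GiB file, larger than 32 bits can hold. */
    const int64_t five_gib = 5368709120LL;
    char good[32], bad[32];

    if (size_reply(good, sizeof good, five_gib) != 0 ||
        size_reply_truncated(bad, sizeof bad, five_gib) != 0)
        return 1;

    printf("correct reply:   %s\n", good);
    printf("truncated reply: %s\n", bad);
    return strcmp(good, bad) == 0; /* exit 0 when the replies differ */
}
```

A client that trusts the truncated value will believe a transfer or resume point is complete roughly 4 GiB too early, which is why the cast and the conversion have to be chosen together.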