Nmap Development mailing list archives
Re: [PATCH] Cut down buffer size in ftp_anon_connect()
From: Matthew Murphy <mattmurphy () kc rr com>
Date: Wed, 08 Mar 2006 01:55:41 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Kris Katterjohn wrote:
The attached patch cuts down the size of the 'command' buffer in ftp_anon-connect() from 512 to 270. ftp->user can hold 64 bytes and ftp->pass can hold 256, so 270 will hold "PASS [ftp->pass]\r\n" with a few extra bytes in there. It also uses sizeof in snprintf() instead of just a number. Thanks, Kris Katterjohn
I have two potential concerns about this patch. First of all, I'd recommend applying it with parenthesis around sizeof expressions, as in: sizeof(command) - 1 rather than: sizeof command - 1 Most compilers are tolerant of both forms, but I'm more used to seeing the latter, and it is (IMO) cleaner. Further, in looking at your choice of buffer size, I'm wondering why 270 instead of 264? PASS [256 chars]\r\n\0 is exactly 256+8 = 264. Choosing 264 also makes the buffer eight-byte aligned, which may save a few bytes of stack space (in addition to the six byte slack) or make the binary a (microscopic) hair faster by avoiding alignment issues. - -- "Social Darwinism: Try to make something idiot-proof, nature will provide you with a better idiot." -- Michael Holstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB5444D38 iD8DBQFEDo39fp4vUrVETTgRAy7qAJ9Cq8ttBjdHcpej7R/7M+xCoB7nNACdH8ZO 1XCrkzvOnhsqB4WcRDhHK+4= =Amtj -----END PGP SIGNATURE-----
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- [PATCH] Cut down buffer size in ftp_anon_connect() Kris Katterjohn (Mar 07)
- Re: [PATCH] Cut down buffer size in ftp_anon_connect() Matthew Murphy (Mar 07)
- Re: [PATCH] Cut down buffer size in ftp_anon_connect() Kris Katterjohn (Mar 08)
- Re: [PATCH] Cut down buffer size in ftp_anon_connect() Matthew Murphy (Mar 07)