"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/service_inspectors/ftp_telnet/pp_ftp.cc" between
snort3-3.1.31.0.tar.gz and snort3-3.1.32.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

pp_ftp.cc  (snort3-3.1.31.0):pp_ftp.cc  (snort3-3.1.32.0)
skipping to change at line 1396 skipping to change at line 1396
(iMode == FTPP_SI_CLIENT_MODE) && isspace(*read_ptr) ) (iMode == FTPP_SI_CLIENT_MODE) && isspace(*read_ptr) )
read_ptr++; read_ptr++;
// ignore extra \r\n emitted by some clients // ignore extra \r\n emitted by some clients
if ( read_ptr == end ) if ( read_ptr == end )
break; break;
req->cmd_begin = (const char*)read_ptr; req->cmd_begin = (const char*)read_ptr;
while ((read_ptr < end) && while ((read_ptr < end) &&
(*read_ptr != SP) && (!isspace(*read_ptr)) &&
(*read_ptr != CR) &&
(*read_ptr != LF) && /* Check for LF when there wasn't a CR, (*read_ptr != LF) && /* Check for LF when there wasn't a CR,
* protocol violation, but accepted by * protocol violation, but accepted by
* some servers. */ * some servers. */
(*read_ptr != DASH)) (*read_ptr != DASH))
{ {
/* If the first char is a digit this is a response /* If the first char is a digit this is a response
* in server mode. */ * in server mode. */
if (iMode == FTPP_SI_SERVER_MODE) if (iMode == FTPP_SI_SERVER_MODE)
{ {
if (isdigit(*read_ptr)) if (isdigit(*read_ptr))
skipping to change at line 1445 skipping to change at line 1444
|| (state == FTP_CMD_INV) ) || (state == FTP_CMD_INV) )
{ {
/* Uh, something is very wrong... /* Uh, something is very wrong...
* nonalpha char seen or cmd is bad length. * nonalpha char seen or cmd is bad length.
* See if this might be encrypted, ie, non-alpha bytes. */ * See if this might be encrypted, ie, non-alpha bytes. */
const unsigned char* ptr = (const unsigned char*)req->cmd_begin; const unsigned char* ptr = (const unsigned char*)req->cmd_begin;
while (ptr < (const unsigned char*)req->cmd_end) while (ptr < (const unsigned char*)req->cmd_end)
{ {
if (!isalpha((int)(*ptr))) if (!isalpha((int)(*ptr)))
{ {
if (!isascii((int)(*ptr)) || !isprint((int)(*ptr))) if (!isascii((int)(*ptr)) || (!isprint((int)(*ptr)) && ( !isspace((int)(*ptr)))))
{ {
encrypted = 1; encrypted = 1;
} }
break; break;
} }
ptr++; ptr++;
} }
} }
if (encrypted) if (encrypted)
skipping to change at line 1522 skipping to change at line 1521
if ( (req->cmd_size != 3) || (state == FTP_RESPONSE_INV) ) if ( (req->cmd_size != 3) || (state == FTP_RESPONSE_INV) )
{ {
/* Uh, something is very wrong... /* Uh, something is very wrong...
* nondigit char seen or resp code is not 3 chars. * nondigit char seen or resp code is not 3 chars.
* See if this might be encrypted, ie, non-alpha bytes. */ * See if this might be encrypted, ie, non-alpha bytes. */
const char* ptr = req->cmd_begin; const char* ptr = req->cmd_begin;
while (ptr < req->cmd_end) while (ptr < req->cmd_end)
{ {
if (!isdigit((int)(*ptr))) if (!isdigit((int)(*ptr)))
{ {
if (!isascii((int)(*ptr)) || !isprint((int)(*ptr))) if (!isascii((int)(*ptr)) || (!isprint((int)(*ptr)) && ( !isspace((int)(*ptr)))))
{ {
encrypted = 1; encrypted = 1;
} }
break; break;
} }
ptr++; ptr++;
} }
} }
if (encrypted) if (encrypted)
skipping to change at line 1636 skipping to change at line 1635
else else
{ {
ftpssn->server.response.state = FTP_RESPONSE_INV; ftpssn->server.response.state = FTP_RESPONSE_INV;
} }
} }
} }
} }
if (read_ptr < end) if (read_ptr < end)
{ {
if (*read_ptr == SP) if (isspace(*read_ptr))
{ {
space = 1; space = 1;
} }
read_ptr++; /* Move past the space, dash, or CR */ read_ptr++; /* Move past the space, dash, or CR */
} }
/* If there is anything left... */ /* If there is anything left... */
if (read_ptr < end) if (read_ptr < end)
 End of changes. 4 change blocks. 
5 lines changed or deleted 4 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)