Nmap Development mailing list archives

Re: [PATCH] Cut down buffer size in ftp_anon_connect()
From: Matthew Murphy <mattmurphy () kc rr com>
Date: Wed, 08 Mar 2006 01:55:41 -0600

Kris Katterjohn wrote:
> The attached patch cuts down the size of the 'command' buffer in
> ftp_anon_connect() from 512 to 270. ftp->user can hold 64 bytes and ftp->pass
> can hold 256, so 270 will hold "PASS [ftp->pass]\r\n" with a few extra bytes
> in there. It also uses sizeof in snprintf() instead of just a number.
>
> Kris Katterjohn

I have two potential concerns about this patch.  First of all, I'd
recommend applying it with parentheses around sizeof expressions, as in:

    sizeof(command) - 1

rather than:

    sizeof command - 1

Most compilers are tolerant of both forms, but I'm more used to seeing
the latter, and it is (IMO) cleaner.

Further, in looking at your choice of buffer size, I'm wondering why 270
instead of 264?

PASS [256 chars]\r\n\0

is exactly 256+8 = 264.  Choosing 264 also makes the buffer eight-byte
aligned, which may save a few bytes of stack space (in addition to the
six byte slack) or make the binary a (microscopic) hair faster by
avoiding alignment issues.

--
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein


Sent through the nmap-dev mailing list
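
The buffer arithmetic discussed in this thread, as an added example that is not code from the patch or from Nmap: the command buffer size is derived from the password field with sizeof rather than typed as a number, and the snprintf() return value is checked so a truncated command is never used. The names struct ftp_creds, FTP_CMD_MAX, ftp_build_cmd and longest_pass_len are hypothetical; only the field sizes 64 and 256 come from the messages above.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the structure discussed in the thread:
 * only the two field sizes (64 and 256) come from the messages. */
struct ftp_creds {
    char user[64];
    char pass[256];
};

/* Longest command is "PASS <pass>\r\n". sizeof("PASS \r\n") is 8
 * (5 + 2 + terminating NUL), so this evaluates to 8 + 256 = 264. */
#define FTP_CMD_MAX (sizeof("PASS \r\n") + sizeof(((struct ftp_creds *)0)->pass))

/* Format "<verb> <arg>\r\n" into out. Returns the command length,
 * or -1 if it would not fit (snprintf reports the untruncated length). */
static int ftp_build_cmd(char *out, size_t outlen, const char *verb, const char *arg)
{
    int n = snprintf(out, outlen, "%s %s\r\n", verb, arg);
    if (n < 0 || (size_t)n >= outlen) {
        if (outlen > 0)
            out[0] = '\0';   /* never pass a truncated command on to the socket */
        return -1;
    }
    return n;
}

/* Constructed check: a NUL-terminated password that fills pass[] completely. */
static int longest_pass_len(void)
{
    struct ftp_creds c;
    char command[FTP_CMD_MAX];

    memset(c.pass, 'x', sizeof(c.pass) - 1);
    c.pass[sizeof(c.pass) - 1] = '\0';
    return ftp_build_cmd(command, sizeof(command), "PASS", c.pass);
}

int main(void)
{
    printf("buffer=%zu longest PASS command=%d\n",
           (size_t)FTP_CMD_MAX, longest_pass_len());
    return 0;
}
```

If pass[] is resized later, FTP_CMD_MAX follows it automatically, and any caller that passes a smaller buffer gets -1 instead of a silently shortened command.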
