* src/ftp-ls.c (ftp_parse_vms_ls): Fix heap-buffer-overflow

2025-02-06 09:40:24 +08:00 · 2018-04-21 22:47:17 +02:00 · 2018-04-21 22:47:17 +02:00 · f0d715b264
commit f0d715b264
parent b3ff8ce3d5
1 changed files with 4 additions and 4 deletions
--- a/src/ftp-ls.c
+++ b/src/ftp-ls.c
@ -753,16 +753,16 @@ ftp_parse_vms_ls (FILE *fp)
         what will work in a CWD command.
      */
      len = strlen (tok);
-      if (!c_strncasecmp((tok + (len - 4)), ".DIR", 4))
+      if (len >= 4 && !c_strncasecmp(tok + (len - 4), ".DIR", 4))
        {
-          *(tok+ (len - 4)) = '\0'; /* Discard ".DIR". */
+          *(tok + (len - 4)) = '\0'; /* Discard ".DIR". */
          cur.type  = FT_DIRECTORY;
          cur.perms = VMS_DEFAULT_PROT_DIR;
          DEBUGP (("Directory (nv)\n"));
        }
-      else if (!c_strncasecmp ((tok + (len - 6)), ".DIR;1", 6))
+      else if (len >= 6 && !c_strncasecmp (tok + len - 6, ".DIR;1", 6))
        {
-          *(tok+ (len - 6)) = '\0'; /* Discard ".DIR;1". */
+          *(tok + (len - 6)) = '\0'; /* Discard ".DIR;1". */
          cur.type  = FT_DIRECTORY;
          cur.perms = VMS_DEFAULT_PROT_DIR;
          DEBUGP (("Directory (v)\n"));