Up to [cvs.NetBSD.org] / src / libexec / ftpd
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: netbsd-5-0-RELEASE
Revision 1.58 / (download) - annotate - [select for diffs], Sat Sep 13 03:30:35 2008 UTC (15 years, 7 months ago) by lukem
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-3,
netbsd-5-base,
netbsd-5-2-RELEASE,
netbsd-5-2-RC1,
netbsd-5-2-3-RELEASE,
netbsd-5-2-2-RELEASE,
netbsd-5-2-1-RELEASE,
netbsd-5-2,
netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-5-RELEASE,
netbsd-5-1-4-RELEASE,
netbsd-5-1-3-RELEASE,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-RC1,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
netbsd-5,
matt-nb5-pq3-base,
matt-nb5-pq3,
matt-nb5-mips64-u2-k2-k4-k7-k8-k9,
matt-nb5-mips64-u1-k1-k5,
matt-nb5-mips64-premerge-20101231,
matt-nb5-mips64-premerge-20091211,
matt-nb5-mips64-k15,
matt-nb5-mips64,
matt-nb4-mips64-k7-u2a-k9b,
matt-mips64-base2
Changes since 1.57: +3 -3
lines
Diff to previous 1.57 (colored)
Don't split large commands into multiple commands; just fail on them. This prevents CSRF-like attacks, when a web browser is used to access an ftp server. Reported by Maksymilian Arciemowicz <cxib@securityreason.com>. Fix mostly derived from OpenBSD, written by Moritz Jodeit <moritz@OpenBSD.org>