Thanks to visit codestin.com
Credit goes to github.com

Skip to content

test340 fails with curl 7.54.1 on Mageia 6 #2395

New issue
New issue
Closed
Closed
test340 fails with curl 7.54.1 on Mageia 6#2395
@kekePower

Description

@kekePower
kekePower
opened on Mar 17, 2018

I did this

I backported the patches for the new CVE's to curl 7.54.1 that was published, but the new test, test340, fails.

test 0340...[FTP using %00 in path with singlecwd]
../src/curl --output log/curl340.out --include --trace-ascii log/trace340 --trace-time --ftp-method
singlecwd ftp://127.0.0.1:8992/%00first/second/third/340 >log/stdout340 2>log/stderr340
CMD (768): ../src/curl --output log/curl340.out --include --trace-ascii log/trace340 --trace-time -
-ftp-method singlecwd ftp://127.0.0.1:8992/%00first/second/third/340 >log/stdout340 2>log/stderr340

340: protocol FAILED:
--- log/check-expected 2018-03-17 13:30:57.887967091 +0100
+++ log/check-generated 2018-03-17 13:30:57.887967091 +0100
@@ -1,3 +1,3 @@
-USER anonymous^M[LF]
-PASS [email protected]^M[LF]
-PWD^M[LF]
+USER anonymous[CR][LF]
+PASS [email protected][CR][LF]
+PWD[CR][LF]
== Contents of files in the log/ dir after test 340
=== Start of file check-expected
USER anonymous^M[LF]
PASS [email protected]^M[LF]
PWD^M[LF]
=== End of file check-expected
=== Start of file check-generated
USER anonymous[CR][LF]
PASS [email protected][CR][LF]
PWD[CR][LF]
=== End of file check-generated
=== Start of file ftp_server.log
13:30:57.886624 ====> Client connect
13:30:57.886772 > "220- _ _ ____ _ [CR][LF]220- | | | | _ | | [CR][LF]220-
/ __| | | | |) | | [CR][LF]220- | (| || | _ {| |__ [CR][LF]220 _|_/|| ____
|[CR][LF]"
13:30:57.887347 < "USER anonymous"
13:30:57.887391 > "331 We are happy you popped in![CR][LF]"
13:30:57.887803 < "PASS [email protected]"
13:30:57.887843 > "230 Welcome you silly person[CR][LF]"
13:30:57.888263 < "PWD"
13:30:57.888310 > "257 "/" is current directory[CR][LF]"
13:30:57.888789 MAIN sockfilt said DISC
13:30:57.888824 ====> Client disconnected
13:30:57.888879 Awaiting input
=== End of file ftp_server.log
=== Start of file ftp_sockctrl.log
13:30:57.387028 ====> Client connect
13:30:57.387332 Received DATA (on stdin)
13:30:57.387369 > 160 bytes data, server => client
13:30:57.387394 '220- _ _ ____ _ \r\n220- | | | | _ | | '
13:30:57.387416 ' \r\n220- / __| | | | |) | | \r\n220- | (| || | '
13:30:57.387436 '_ {| |___ \r\n220 _|_/|| _____|\r\n'
13:30:57.387678 < 16 bytes data, client => server
13:30:57.387725 'USER anonymous\r\n'
13:30:57.387945 Received DATA (on stdin)
13:30:57.387973 > 33 bytes data, server => client
13:30:57.388003 '331 We are happy you popped in!\r\n'
13:30:57.388187 < 22 bytes data, client => server
13:30:57.388235 'PASS [email protected]\r\n'
13:30:57.388395 Received DATA (on stdin)
13:30:57.388422 > 30 bytes data, server => client
13:30:57.388444 '230 Welcome you silly person\r\n'
13:30:57.388645 < 5 bytes data, client => server
13:30:57.388693 'PWD\r\n'
13:30:57.388864 Received DATA (on stdin)
13:30:57.388891 > 30 bytes data, server => client
13:30:57.388915 '257 "/" is current directory\r\n'
13:30:57.389228 ====> Client disconnect
=== End of file ftp_sockctrl.log
=== Start of file server.input
USER anonymous
PASS [email protected]
PWD
=== End of file server.input
=== Start of file stderr340
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (3) URL using bad/illegal format or missing URL
=== End of file stderr340
=== Start of file trace340
13:30:57.386807 == Info: Trying 127.0.0.1...
13:30:57.386889 == Info: TCP_NODELAY set
13:30:57.387307 == Info: Connected to 127.0.0.1 (127.0.0.1) port 8992 (#0)
13:30:57.387540 <= Recv header, 32 bytes (0x20)
0000: 220- _ _ ____ _
13:30:57.387565 <= Recv header, 32 bytes (0x20)
0000: 220- | | | | _ | |
13:30:57.387576 <= Recv header, 32 bytes (0x20)
0000: 220- / __| | | | |) | |
13:30:57.387584 <= Recv header, 32 bytes (0x20)
0000: 220- | (| || | _ {| |__
13:30:57.387591 <= Recv header, 32 bytes (0x20)
0000: 220 _|_/|| _____|
13:30:57.387636 => Send header, 16 bytes (0x10)
0000: USER anonymous
13:30:57.388099 <= Recv header, 33 bytes (0x21)
0000: 331 We are happy you popped in
13:30:57.388149 => Send header, 22 bytes (0x16)
0000: PASS [email protected]
13:30:57.388543 <= Recv header, 30 bytes (0x1e)
0000: 230 Welcome you silly person
13:30:57.388607 => Send header, 5 bytes (0x5)
0000: PWD
13:30:57.389006 <= Recv header, 30 bytes (0x1e)
0000: 257 "/" is current directory
13:30:57.389027 == Info: Entry path is '/'
13:30:57.389148 == Info: Closing connection 0
=== End of file trace340

I expected the following

I would expect the test to complete without errors.

curl/libcurl version

$ curl -V
curl 7.54.1 (x86_64-mageia-linux-gnu) libcurl/7.54.1 OpenSSL/1.0.2n zlib/1.2.11 libssh2/1.7.0 nghttp2/1.9.2
Release-Date: 2017-06-14
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy

operating system

Mageia 6, have tried on both i586 and x86_64. GCC 5.5.0.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions