[Snort-devel] Bug in src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c

Reinoud Koornstra sockstat at ...445...
Thu Sep 12 03:30:32 EDT 2013


Hi Everyone,

 

I've been struggeling with trying to get trying to active this option Identify open data channels.

Even with the parameter ignore_data_chan no, it wouldn't activate.

After some instrumentation I found that we were turning it off because of a comparison that didn't go right.

Even with ignore_data_chan set to no, we'd still come in the else if which wasn't correct.

Here's a fix to the problem:

 

---- src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c.orig 2013-09-12 00:17:29.301433818 -0700
+++ src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c 2013-09-12 00:21:54.441437865 -0700
@@ -1403,11 +1403,11 @@
                                          confOption);
         return FTPP_FATAL_ERR;
     }
-    if (!strcasecmp("yes", pcToken))
+    if (strncmp("yes", pcToken, 3) != 0)
     {
         ServerConf->data_chan = 1;
     }
-    else if (!strcasecmp("no", pcToken))
+    else if (strncmp("no", pcToken, 2) != 0)
     {
         if (ServerConf->data_chan == 1)
         {

 

Thanks,

 

Reinoud.
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20130912/9dd8845c/attachment.html>


More information about the Snort-devel mailing list