Skip Menu |

This queue is for tickets about the libnet CPAN distribution.

Report information
The Basics
Id: 50420
Status: resolved
Priority: 0/
Queue: libnet
People
Owner: Nobody in particular
Requestors: bergner [...] cs.umu.se
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: (no value)
Fixed in: 1.25

History Show all quoted text
  Mon Oct 12 15:28:47 2009 bergner [...] cs.umu.se - Ticket created
Subject: Net::FTP pasv_wait() not handling errors from Net::Cmd reponse()
The response() method in Net::Cmd calls its getline() method to read lines from the command socket. In case something goes wrong with that read, getline() returns undef (e.g. due to "Unexpected EOF on command channel"). When this happens the response() method will explicitly return CMD_ERROR (the value 5). In Net::FTP pasv_wait() the return values from $ftp->response() and $non_pasv->response() are not checked at all, which can cause pasv_wait() to indicate success even though you got an "Unexpected EOF on command channel" error when trying to read the response. Suggested patch is to check the return values of the response() calls against CMD_OK. If that equality check fails, return undef from pasv_wait, which will cause pasv_xfer to return undef indicating that something wasn't right. A somewhat related issue is the fact that the error returned by Net::Cmd response() in these cases is not the same thing as what the status() or code() methods would return in a subsequent call. This could of course be by design, but it does prevent people from doing a reasonable workaround for the above issues with pasv_xfer()/pasv_wait(). Seems like an easy fix, and I don't really see any potential issues that would arise from doing it.
  Mon Oct 12 15:31:33 2009 gbarr [...] pobox.com - Correspondence added
Subject: Re: [rt.cpan.org #50420] Net::FTP pasv_wait() not handling errors from Net::Cmd reponse()
Date: Mon, 12 Oct 2009 14:31:11 -0500
To: bug-libnet [...] rt.cpan.org
From: Graham Barr <gbarr [...] pobox.com>
On Oct 12, 2009, at 2:28 PM, Marcus Bergner via RT wrote: Show quoted text
> Suggested patch is to check the return values of the response() calls > against CMD_OK. If that equality check fails, return undef from > pasv_wait, which will cause pasv_xfer to return undef indicating that > something wasn't right.
Do you have a working patch ? Graham.
  Mon Oct 12 15:31:34 2009 The RT System itself - Status changed from 'new' to 'open'
  Thu Oct 15 05:13:18 2009 bergner [...] cs.umu.se - Correspondence added
From: bergner [...] cs.umu.se
On Mon Oct 12 15:31:33 2009, gbarr@pobox.com wrote: Show quoted text
> On Oct 12, 2009, at 2:28 PM, Marcus Bergner via RT wrote:
> > Suggested patch is to check the return values of the response() calls > > against CMD_OK. If that equality check fails, return undef from > > pasv_wait, which will cause pasv_xfer to return undef indicating that > > something wasn't right.
> > Do you have a working patch ? > > Graham. >
I have been running with the following local modifications on various servers in a high load environment for a while now without noticing any problems, so yes I would say the following is a relevant patch. In reality it is the Net/FTP.pm pasv_wait that was adjusted, just did the local copy to have things to run against diff -u. Patch file attached, but it is just: --- /usr/lib/perl5/5.10.0/Net/FTP.pm 2009-04-14 13:23:07.000000000 +0200 +++ FTP.pm 2009-10-15 11:00:36.000000000 +0200 @@ -1145,8 +1145,10 @@ vec($rin = '', fileno($ftp), 1) = 1; select($rout = $rin, undef, undef, undef); - $ftp->response(); - $non_pasv->response(); + my $dres = $ftp->response(); + my $sres = $non_pasv->response(); + return undef + unless $dres == CMD_OK && $sres == CMD_OK; return undef unless $ftp->ok() && $non_pasv->ok(); Regards, Marcus
--- /usr/lib/perl5/5.10.0/Net/FTP.pm 2009-04-14 13:23:07.000000000 +0200 +++ FTP.pm 2009-10-15 11:00:36.000000000 +0200 @@ -1145,8 +1145,10 @@ vec($rin = '', fileno($ftp), 1) = 1; select($rout = $rin, undef, undef, undef); - $ftp->response(); - $non_pasv->response(); + my $dres = $ftp->response(); + my $sres = $non_pasv->response(); + return undef + unless $dres == CMD_OK && $sres == CMD_OK; return undef unless $ftp->ok() && $non_pasv->ok();
  Fri Jan 31 03:43:09 2014 shay [...] cpan.org - Correspondence added
On Thu Oct 15 05:13:18 2009, bergner wrote: Show quoted text
> On Mon Oct 12 15:31:33 2009, gbarr@pobox.com wrote:
> > On Oct 12, 2009, at 2:28 PM, Marcus Bergner via RT wrote:
> > > Suggested patch is to check the return values of the response() calls > > > against CMD_OK. If that equality check fails, return undef from > > > pasv_wait, which will cause pasv_xfer to return undef indicating that > > > something wasn't right.
> > > > Do you have a working patch ? > > > > Graham. > >
> > I have been running with the following local modifications on various > servers in a high load environment for a while now without noticing any > problems, so yes I would say the following is a relevant patch. In > reality it is the Net/FTP.pm pasv_wait that was adjusted, just did the > local copy to have things to run against diff -u. Patch file attached, > but it is just: > > --- /usr/lib/perl5/5.10.0/Net/FTP.pm 2009-04-14 13:23:07.000000000 +0200 > +++ FTP.pm 2009-10-15 11:00:36.000000000 +0200 > @@ -1145,8 +1145,10 @@ > vec($rin = '', fileno($ftp), 1) = 1; > select($rout = $rin, undef, undef, undef); > > - $ftp->response(); > - $non_pasv->response(); > + my $dres = $ftp->response(); > + my $sres = $non_pasv->response(); > + return undef > + unless $dres == CMD_OK && $sres == CMD_OK; > > return undef > unless $ftp->ok() && $non_pasv->ok(); > > > Regards, > > Marcus
Thanks, patch applied to the forthcoming libnet-1.25.
  Fri Jan 31 03:43:10 2014 shay [...] cpan.org - Status changed from 'open' to 'patched'
  Tue Feb 04 13:40:37 2014 shay [...] cpan.org - Correspondence added
Thanks again, now fixed in libnet-1.25.
  Tue Feb 04 13:40:38 2014 shay [...] cpan.org - Status changed from 'patched' to 'resolved'
  Tue Feb 04 13:40:39 2014 shay [...] cpan.org - Fixed in 1.25 added