📄 snort_ftptelnet.c
字号:
pcToken = NextToken( CONF_SEPARATORS); if(!pcToken) { snprintf(ErrorString, ErrStrLen, "Invalid cmd list format."); return FTPP_FATAL_ERR; } iLength = strtol(pcToken, &pcEnd, 10); /* * Let's check to see if the entire string was valid. * If there is an address here, then there was an * invalid character in the string. */ if((*pcEnd) || (iLength < 0)) { snprintf(ErrorString, ErrStrLen, "Invalid argument to token '%s'. " "Length must be a positive number", confOption); return FTPP_FATAL_ERR; } } if (require_cmds) { pcToken = NextToken( CONF_SEPARATORS); if(!pcToken) { snprintf(ErrorString, ErrStrLen, "Invalid cmd list format."); return FTPP_FATAL_ERR; } if(strcmp(START_PORT_LIST, pcToken)) { snprintf(ErrorString, ErrStrLen, "Must start a cmd list with the '%s' token.", START_PORT_LIST); return FTPP_FATAL_ERR; } while((pcToken = NextToken( CONF_SEPARATORS))) { if(!strcmp(END_PORT_LIST, pcToken)) { iEndCmds = 1; break; } cmd = pcToken; if (strlen(cmd) > 4) { snprintf(ErrorString, ErrStrLen, "FTP Commands are no longer than 4 characters: '%s'.", cmd); return FTPP_FATAL_ERR; } FTPCmd = ftp_cmd_lookup_find(ServerConf->cmd_lookup, cmd, strlen(cmd), &iRet); if (FTPCmd == NULL) { /* Add it to the list */ FTPCmd = (FTP_CMD_CONF *)malloc(sizeof(FTP_CMD_CONF)); memset(FTPCmd, 0, sizeof(FTP_CMD_CONF)); strcpy(FTPCmd->cmd_name, cmd); ftp_cmd_lookup_add(ServerConf->cmd_lookup, cmd, strlen(cmd), FTPCmd); FTPCmd->max_param_len = ServerConf->def_max_param_len; } if (require_length) { FTPCmd->max_param_len = iLength; FTPCmd->max_param_len_overridden = 1; } } if(!iEndCmds) { snprintf(ErrorString, ErrStrLen, "Must end '%s' configuration with '%s'.", FTP_CMDS, END_PORT_LIST); return FTPP_FATAL_ERR; } } if (!strcmp(confOption, MAX_PARAM_LEN)) { ServerConf->def_max_param_len = iLength; /* Reset the max length to the default for all existing commands */ FTPCmd = ftp_cmd_lookup_first(ServerConf->cmd_lookup, &iRet); while (FTPCmd) { if (!FTPCmd->max_param_len_overridden) { FTPCmd->max_param_len = ServerConf->def_max_param_len; } FTPCmd = ftp_cmd_lookup_next(ServerConf->cmd_lookup, &iRet); } } return FTPP_SUCCESS;}/* * Function: ResetStringFormat (FTP_PARAM_FMT *Fmt) * * Purpose: Recursively sets nodes that allow strings to nodes that check * for a string format attack within the FTP parameter validation tree * * Arguments: Fmt => pointer to the FTP Parameter configuration * * Returns: None * */void ResetStringFormat (FTP_PARAM_FMT *Fmt){ int i; if (!Fmt) return; if (Fmt->type == e_unrestricted) Fmt->type = e_strformat; ResetStringFormat(Fmt->optional_fmt); for (i=0;i<Fmt->numChoices;i++) { ResetStringFormat(Fmt->choices[i]); } ResetStringFormat(Fmt->next_param_fmt);}/* * Function: ProcessFTPDataChanCmdsList(FTP_SERVER_PROTO_CONF *ServerConf, * char *confOption, * char *ErrorString, int ErrStrLen) * * Purpose: Process the FTP cmd lists for the client configuration. * This configuration is an indicator of data channels, data transfer, * string format, encryption, or login commands. * * Arguments: ServerConf => pointer to the FTP server configuration * confOption => pointer to the name of the option * ErrorString => error string buffer * ErrStrLen => the length of the error string buffer * * Returns: int => an error code integer (0 = success, * >0 = non-fatal error, <0 = fatal error) * */static int ProcessFTPDataChanCmdsList(FTP_SERVER_PROTO_CONF *ServerConf, char *confOption, char *ErrorString, int ErrStrLen){ FTP_CMD_CONF *FTPCmd = NULL; char *pcToken; char *cmd; int iEndCmds = 0; int iRet; pcToken = NextToken( CONF_SEPARATORS); if(!pcToken) { snprintf(ErrorString, ErrStrLen, "Invalid %s list format.", confOption); return FTPP_FATAL_ERR; } if(strcmp(START_PORT_LIST, pcToken)) { snprintf(ErrorString, ErrStrLen, "Must start a %s list with the '%s' token.", confOption, START_PORT_LIST); return FTPP_FATAL_ERR; } while((pcToken = NextToken( CONF_SEPARATORS))) { if(!strcmp(END_PORT_LIST, pcToken)) { iEndCmds = 1; break; } cmd = pcToken; if (strlen(cmd) > 4) { snprintf(ErrorString, ErrStrLen, "FTP Commands are no longer than 4 characters: '%s'.", cmd); return FTPP_FATAL_ERR; } FTPCmd = ftp_cmd_lookup_find(ServerConf->cmd_lookup, cmd, strlen(cmd), &iRet); if (FTPCmd == NULL) { /* Add it to the list */ FTPCmd = (FTP_CMD_CONF *)malloc(sizeof(FTP_CMD_CONF)); memset(FTPCmd, 0, sizeof(FTP_CMD_CONF)); strcpy(FTPCmd->cmd_name, cmd); FTPCmd->max_param_len = ServerConf->def_max_param_len; ftp_cmd_lookup_add(ServerConf->cmd_lookup, cmd, strlen(cmd), FTPCmd); } if (!strcmp(confOption, DATA_CHAN_CMD)) FTPCmd->data_chan_cmd = 1; else if (!strcmp(confOption, DATA_XFER_CMD)) FTPCmd->data_xfer_cmd = 1; else if (!strcmp(confOption, STRING_FORMAT)) { FTP_PARAM_FMT *Fmt = FTPCmd->param_format; if (Fmt) { ResetStringFormat(Fmt); } else { Fmt = malloc(sizeof(FTP_PARAM_FMT)); memset(Fmt, 0, sizeof(FTP_PARAM_FMT)); Fmt->type = e_head; FTPCmd->param_format = Fmt; Fmt = malloc(sizeof(FTP_PARAM_FMT)); memset(Fmt, 0, sizeof(FTP_PARAM_FMT)); Fmt->type = e_strformat; FTPCmd->param_format->next_param_fmt = Fmt; Fmt->prev_param_fmt = FTPCmd->param_format; } FTPCmd->check_validity = 1; } else if (!strcmp(confOption, ENCR_CMD)) FTPCmd->encr_cmd = 1; else if (!strcmp(confOption, LOGIN_CMD)) FTPCmd->login_cmd = 1; } if(!iEndCmds) { snprintf(ErrorString, ErrStrLen, "Must end '%s' configuration with '%s'.", confOption, END_PORT_LIST); return FTPP_FATAL_ERR; } return FTPP_SUCCESS;}/* * Function: ProcessFTPDirCmdsList(FTP_SERVER_PROTO_CONF *ServerConf, * char *confOption, * char *ErrorString, int ErrStrLen) * * Purpose: Process the FTP cmd lists for the client configuration. * This configuration is an indicator of commands used to * retrieve or update the current directory. * * Arguments: ServerConf => pointer to the FTP server configuration * confOption => pointer to the name of the option * ErrorString => error string buffer * ErrStrLen => the length of the error string buffer * * Returns: int => an error code integer (0 = success, * >0 = non-fatal error, <0 = fatal error) * */static int ProcessFTPDirCmdsList(FTP_SERVER_PROTO_CONF *ServerConf, char *confOption, char *ErrorString, int ErrStrLen){ FTP_CMD_CONF *FTPCmd = NULL; char *pcToken; char *pcEnd = NULL; char *cmd; int iCode; int iEndCmds = 0; int iRet; pcToken = NextToken( CONF_SEPARATORS); if(!pcToken) { snprintf(ErrorString, ErrStrLen, "Invalid %s list format.", confOption); return FTPP_FATAL_ERR; } if(strcmp(START_PORT_LIST, pcToken)) { snprintf(ErrorString, ErrStrLen, "Must start a %s list with the '%s' token.", confOption, START_PORT_LIST); return FTPP_FATAL_ERR; } while((pcToken = NextToken( CONF_SEPARATORS))) { if(!strcmp(END_PORT_LIST, pcToken)) { iEndCmds = 1; break; } cmd = pcToken; if (strlen(cmd) > 4) { snprintf(ErrorString, ErrStrLen, "FTP Commands are no longer than 4 characters: '%s'.", cmd); return FTPP_FATAL_ERR; } FTPCmd = ftp_cmd_lookup_find(ServerConf->cmd_lookup, cmd, strlen(cmd), &iRet); if (FTPCmd == NULL) { /* Add it to the list */ FTPCmd = (FTP_CMD_CONF *)malloc(sizeof(FTP_CMD_CONF)); memset(FTPCmd, 0, sizeof(FTP_CMD_CONF)); strcpy(FTPCmd->cmd_name, cmd); FTPCmd->max_param_len = ServerConf->def_max_param_len; ftp_cmd_lookup_add(ServerConf->cmd_lookup, cmd, strlen(cmd), FTPCmd); } pcToken = NextToken( CONF_SEPARATORS); if (!pcToken) { snprintf(ErrorString, ErrStrLen, "FTP Dir Cmds must have associated response code: '%s'.", cmd); return FTPP_FATAL_ERR; } iCode = strtol(pcToken, &pcEnd, 10); /* * Let's check to see if the entire string was valid. * If there is an address here, then there was an * invalid character in the string. */ if((*pcEnd) || (iCode < 0)) { snprintf(ErrorString, ErrStrLen, "Invalid argument to token '%s'. " "Code must be a positive number", confOption); return FTPP_FATAL_ERR; } FTPCmd->dir_response = iCode; } if(!iEndCmds) { snprintf(ErrorString, ErrStrLen, "Must end '%s' configuration with '%s'.", confOption, END_PORT_LIST); return FTPP_FATAL_ERR; } return FTPP_SUCCESS;}/* * Function: SetOptionalsNext(FTP_PARAM_FMT *ThisFmt, * FTP_PARAM_FMT *NextFmt, * FTP_PARAM_FMT **choices, * int numChoices) * * Purpose: Recursively updates the next value for nodes in the FTP * Parameter validation tree. * * Arguments: ThisFmt => pointer to an FTP parameter validation node * NextFmt => pointer to an FTP parameter validation node * choices => pointer to a list of FTP parameter * validation nodes * numChoices => the number of nodes in the list * * Returns: int => an error code integer (0 = success, * >0 = non-fatal error, <0 = fatal error) * */static void SetOptionalsNext(FTP_PARAM_FMT *ThisFmt, FTP_PARAM_FMT *NextFmt, FTP_PARAM_FMT **choices, int numChoices){ if (!ThisFmt) return; if (ThisFmt->optional) { if (ThisFmt->next_param_fmt == NULL) { ThisFmt->next_param_fmt = NextFmt; if (numChoices) { ThisFmt->numChoices = numChoices; ThisFmt->choices = malloc(sizeof(FTP_PARAM_FMT *) * numChoices); memcpy(ThisFmt->choices, choices, sizeof(FTP_PARAM_FMT *) * numChoices); } } else { SetOptionalsNext(ThisFmt->next_param_fmt, NextFmt, choices, numChoices); } } else { int i; SetOptionalsNext(ThisFmt->optional_fmt, ThisFmt->next_param_fmt, ThisFmt->choices, ThisFmt->numChoices); for (i=0;i<ThisFmt->numChoices;i++) { SetOptionalsNext(ThisFmt->choices[i], ThisFmt, choices, numChoices); } SetOptionalsNext(ThisFmt->next_param_fmt, ThisFmt, choices, numChoices); }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -