Reject excessively large FTP control replies (#2434) #2437
Merged
When parsing FTP control replies, `Ftp::Client::parseControlReply()` stores individual lines in the `ctrl.message` wordlist. The stored values are later combined, appended, encoded, and/or converted to String objects, exposing the results to `String::SizeMax_` limitations. Recent commit 46f3f80 already ensures `reply_header_max_size` limits for control replies. This change adds checks for cases where `reply_header_max_size` configuration exceeds the recommended maximum value. It also protects any sensitive wordlist-manipulating code that might become reachable before `reply_header_max_size` limit is checked. Excessively large FTP control replies now lead to ERR_FTP_FAILURE. This is a Measurement Factory project.
kinkie approved these changes Jun 7, 2026
yadij pushed a commit that referenced this pull request Jun 8, 2026
Fix a typo in ChangeLog from PR #2437
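The idea in the description, charging every control reply line against a total-size budget before it is stored for later joining, as an added C++ example. This is not Squid's code: `Parse`, `ControlReply`, `parseReplyBounded()` and `maxBytes` are hypothetical names, and counting one joiner byte per line is an assumption about how the stored lines are later combined.

```cpp
#include <cctype>
#include <cstddef>
#include <string>
#include <vector>

enum class Parse { Complete, Incomplete, Malformed, TooLarge };

struct ControlReply {
    int code = 0;
    std::vector<std::string> lines; // message text, one entry per reply line
};

// Hypothetical helper (not Squid code): parses one RFC 959 control reply from
// buf and refuses to keep more than maxBytes of message text in total.
Parse parseReplyBounded(const std::string &buf, std::size_t maxBytes, ControlReply &reply)
{
    reply = ControlReply();
    std::size_t total = 0; // bytes accepted so far, plus one joiner per line (assumption)
    std::size_t pos = 0;
    while (pos < buf.size()) {
        const auto eol = buf.find("\r\n", pos);
        // An unterminated line counts against the budget too, so a peer that
        // never sends CRLF cannot make the client buffer without bound.
        const auto len = (eol == std::string::npos ? buf.size() : eol) - pos;
        if (len + 1 > maxBytes - total) // total <= maxBytes is an invariant
            return Parse::TooLarge;
        if (eol == std::string::npos)
            return Parse::Incomplete;
        total += len + 1;
        const std::string line = buf.substr(pos, len);
        pos = eol + 2;
        auto digit = [&line](std::size_t i) {
            return std::isdigit(static_cast<unsigned char>(line[i])) != 0;
        };
        // "NNN " ends a reply; "NNN-" opens or continues a multi-line one.
        const bool coded = len >= 4 && digit(0) && digit(1) && digit(2) &&
            (line[3] == ' ' || line[3] == '-');
        if (reply.lines.empty()) {
            if (!coded)
                return Parse::Malformed;
            reply.code = std::stoi(line.substr(0, 3));
        }
        const bool sameCode = coded && std::stoi(line.substr(0, 3)) == reply.code;
        reply.lines.push_back(sameCode ? line.substr(4) : line);
        if (sameCode && line[3] == ' ')
            return Parse::Complete;
    }
    return Parse::Incomplete;
}
```

A caller would treat `Parse::TooLarge` as a hard failure for the transaction, in the way the pull request maps oversized replies to ERR_FTP_FAILURE.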