NT/95 FTP client overflows

arager@MCGRAW-HILL.COM
Thu, 05 Feb 1998 15:07:08 -0500

Hello All,

My apologies if this is old news.

While testing the WAR ftp bugs, I ran across some trivial, but
interesting overflows in the NT 3.51/4.0, and Win95 FTP client.

Seems that there are at least 3 separate overflow problems in the
ftp client.

-- 1st is with the username input. Give a username more than 285
chars, and ftp.exe will bomb with an access violation. This only seems
to affect Win NT 3.51/4.0, mainly because Win95 will only allow a
254 char username.
-- 2nd is with the password input. Not sure how many chars cause the
condition, but hold down a key for a few minutes and press return.
Should cause ftp to bomb. Seems to only happen with Win95, and looks
like an overflow.
-- 3rd is with the ftp command parser. Type in any unrecognized
command that is longer than 207 chars. ftp.exe will bomb and produce
an access violation again. This affects both NT and Win95 ftp
clients.
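All three items above share one defect class: a fixed-size buffer that receives
user input without a length check. The following C example is an addition to
this post, not code from ftp.exe or from the original author; it shows the
bounded-field and bounded-verb handling that prevents that class of crash. The
buffer sizes (USER_MAX, PASS_MAX, VERB_MAX), the known_verbs table and the
status enums are constructed for the example and say nothing about the real
client's internals.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Constructed limits for this example; they are not the real client's sizes. */
#define USER_MAX 64
#define PASS_MAX 64
#define VERB_MAX 16

enum field_status { FIELD_OK = 0, FIELD_EMPTY = 1, FIELD_TOO_LONG = 2 };
enum cmd_status   { CMD_KNOWN = 0, CMD_UNKNOWN = 1, CMD_TOO_LONG = 2, CMD_EMPTY = 3 };

struct ftp_session {
    char user[USER_MAX];
    char pass[PASS_MAX];
};

/* Bounded copy: the destination capacity is checked before any byte is written.
 * An input that does not fit (including its NUL terminator) is rejected, which is
 * the check whose absence the username/password crashes above point to. */
enum field_status set_field(char *dst, size_t dst_cap, const char *src)
{
    size_t n = strlen(src);
    if (n == 0)
        return FIELD_EMPTY;
    if (n >= dst_cap) {          /* no room for the terminator: reject, don't copy */
        dst[0] = '\0';
        return FIELD_TOO_LONG;
    }
    memcpy(dst, src, n + 1);
    return FIELD_OK;
}

enum field_status session_set_user(struct ftp_session *s, const char *user)
{
    return set_field(s->user, sizeof s->user, user);
}

enum field_status session_set_pass(struct ftp_session *s, const char *pass)
{
    return set_field(s->pass, sizeof s->pass, pass);
}

/* Hypothetical verb table for the example parser. */
static const char *const known_verbs[] = { "open", "user", "get", "put", "quit" };

/* Command parser: copy the first whitespace-delimited token into a bounded verb
 * buffer, lower-casing it, and only then look it up. An over-long token is
 * rejected during the copy, so an unrecognized command of any length never
 * writes past the buffer (the third item above). */
enum cmd_status parse_command(const char *line, char *verb, size_t verb_cap)
{
    size_t i = 0;

    while (*line && isspace((unsigned char)*line))
        line++;
    if (*line == '\0')
        return CMD_EMPTY;

    while (line[i] && !isspace((unsigned char)line[i])) {
        if (i + 1 >= verb_cap) { /* keep one byte for the terminator */
            verb[0] = '\0';
            return CMD_TOO_LONG;
        }
        verb[i] = (char)tolower((unsigned char)line[i]);
        i++;
    }
    verb[i] = '\0';

    for (size_t k = 0; k < sizeof known_verbs / sizeof known_verbs[0]; k++)
        if (strcmp(verb, known_verbs[k]) == 0)
            return CMD_KNOWN;
    return CMD_UNKNOWN;
}
```

The point of returning a distinct FIELD_TOO_LONG / CMD_TOO_LONG status rather
than silently truncating is that the caller can report the rejected input and
leave the session state untouched; truncation would still be memory-safe but
would accept a different username or command than the one typed.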

These bugs are not really much of a concern... but it does show that
MS's code is chock full of overflows. What else has these sorts of
problems? Makes you wonder...

Anton Rager
arager@McGraw-Hill.com