Ticket #3869: actually use the .netrc password for ftp vfs #4831
Conversation
github-actions
bot
added
needs triage
src/vfs/ftpfs/ftpfs.c
Outdated
| MC_PTR_FREE (path_element->password); | ||
|
|
||
| if (path_element->password == NULL) | ||
| path_element->password = g_strdup (new_passwd); |
There was a problem hiding this comment.
There is no reason to duplicate new_passwd that is just free'd below.
There was a problem hiding this comment.
Well, I think this is the safest and easiest way to code that, isn't it? What would be your way of doing it?
I'm more concerned about this introducing a logical mistake. I think this if-block should go above the previous one. Otherwise, it just reverts the effect of the previous condition, but not only for the same user but also for a different user.
There was a problem hiding this comment.
You're right, there's a logical error, but I think the correct way is using else, see my latest fixup commit. I've tested the following cases and mc behaves as expected:
ftp://host: uses user and passwd from .netrcftp://user@host: usesuser's passwd from .netrcftp://user_not_in_netrc@host: asks foruser_not_in_netrc's password
Please just confirm that it's ok to use g_strdup(), I'm not sure about that, I've used it in analogy with line 364 path_element->user = g_strdup ("anonymous");
There was a problem hiding this comment.
Please just confirm that it's ok to use
g_strdup(), I'm not sure about that, I've used it in analogy with line 364path_element->user = g_strdup ("anonymous");
Well, if I just do path_element->password = new_passwd;, the ftp login fails, and mc segfaults.
There was a problem hiding this comment.
Well, if I just do
path_element->password = new_passwd;, the ftp login fails, and mc segfaults.
Because of use-after-free. You can take new_passwd in the one branch and free it in the other one.
There was a problem hiding this comment.
I actually think that branching free is less safe than duplicating the string. The performance penalty of a few microseconds is negligible, because it isn't in a loop, but if later more code is added, whether to free or not has to be correctly considered in all branches. As we can see, we have a lot of bugs creeping in due to subtle errors in conditions. Using g_strdup always, even if it's not really needed, is more like ownership transfer semantics in C++. So it's harder to make a mistake when the code is modified later.
There was a problem hiding this comment.
I actually think that branching free is less safe than duplicating the string. The performance penalty of a few microseconds is negligible, because it isn't in a loop, but if later more code is added, whether to free or not has to be correctly considered in all branches. As we can see, we have a lot of bugs creeping in due to subtle errors in conditions. Using
g_strdupalways, even if it's not really needed, is more like ownership transfer semantics in C++. So it's harder to make a mistake when the code is modified later.
I disagree.
There was a problem hiding this comment.
So how do you want to have it? Like in the first or second fixup?
zyv
added
area: vfs
|
/rebase |
…tp vfs Signed-off-by: Vrihub <Vrihub@users.noreply.github.com> Signed-off-by: Yury V. Zaytsev <yury@shurup.com>
zyv
changed the title
|
@mc-worker ok? |
…d for ftp vfs Signed-off-by: Yury V. Zaytsev <yury@shurup.com>
…password for ftp vfs Signed-off-by: Yury V. Zaytsev <yury@shurup.com>
3 participants
Proposed changes
This fixes #3869, when one wants to log into an ftp server only providing username and hostname, and relies on mc to retrieve the password from the .netrc file. Without this, mc retrieves the password from the .netrc file, but doesn't actually use it to login, and asks the user for a password instead.
Please review, this works for me, but I'm not 100% sure it's the best solution.
Checklist
👉 Our coding style can be found here: https://midnight-commander.org/coding-style/ 👈
git commit --amend -smake indent && make check)