ftpd: address review for RMD command

- document the shared DELE/RMD handler and the prefix-length logic (annotate strlen("RMD ")/"DELE " instead of bare magic numbers) - de-obfuscate the path bounds check (drop the add/sub 1024 round-trip) - use a command-neutral 550 reply ("Requested action not taken")
2026-05-19 11:13:14 +03:00
parent a5b1c32f04
commit 16f3a6ae9a
1 changed files with 12 additions and 13 deletions
@@ -469,22 +469,21 @@ cmdDELE:
        test    [ebp + thread_data.permissions], PERMISSION_DELETE
        jz      permission_denied

-        mov     edx, 4
+        ; "DELE <path>" and "RMD <path>" share this handler. Skip the
+        ; command + its trailing space to reach <path>: "RMD " = 4,
+        ; "DELE " = 5 bytes. RMD is the only 'R' command routed here.
+        mov     edx, 4                  ; strlen("RMD ")
        cmp     byte[esi], 'R'
-        je     @f
+        je      @f
        cmp     byte[esi], 'r'
-        je     @f
-
-        mov     edx, 5
-@@:
-        add     edx, 1024
-        cmp     ecx, edx
+        je      @f
+        mov     edx, 5                  ; strlen("DELE ")
+  @@:
+        sub     ecx, edx                ; ecx = <path> length
+        jb      .err                    ; command line shorter than prefix
+        cmp     ecx, 1024               ; <path> must fit the path buffer
        jae     .err

-        sub     edx, 1024
-        sub     ecx, edx
-        jb      .err
-
        call    create_path
        dec     edi
        lea     esi, [ebp + thread_data.buffer + edx]
@@ -524,7 +523,7 @@ cmdDELE:
        sendFTP "250 Command successful"
        ret
 .err:
-        sendFTP "550 No such file"
+        sendFTP "550 Requested action not taken"
        ret

 ;------------------------------------------------