[21563] in bugtraq
AW: Windows MS-DOS Device Name DoS vulnerabilities
daemon@ATHENA.MIT.EDU (tux@centrum.cz)
Tue Jul 17 11:54:48 2001
Date: Tue, 17 Jul 2001 13:04:45 +0200
From: <tux@centrum.cz>
To: "Martin Werner" <bugtraq@martinwerner.de>, <BUGTRAQ@securityfocus.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-2"
Content-Transfer-Encoding: 8bit
Message-Id: <20010717110459Z327732-23672+303@mail.centrum.cz>
And what about trying to use
HANDLE FindFirstFile("name_of_the_file_or_device",LPWIN32FINDDATA)
This will find the file successfully if it is a file, or return "file not found error" if it is device (since te devices are not listed in directory listing and are "invisible" to FindFirstFile) or the file is not in current directory and cannot be thus served
If you just check the filename for wildcards like * and ? you will be safe on even unpatched windows with the con\con BSOD bug, I think ...
Martin Petricek
______________________________________________________________
> Od: "Martin Werner" <bugtraq@martinwerner.de>
> Komu: <BUGTRAQ@SECURITYFOCUS.COM>
> CC:
> Datum: Mon, 16 Jul 2001 12:30:59 +0200
> PĂedmĄt: AW: Windows MS-DOS Device Name DoS vulnerabilities
>
> Just want to give a new thought.
>
> Fact is, that on the one hand side, its merely impossible to write an safe
> ftp server using Microsofts Filesystem, because device names can cause
> trouble (and I think, this is not a bug, but it's been discussed)
>
> So I think, good coding practice is not using a function, you cannot be sure
> to work (noticed the incompatiblilities between different versions of
> windows etc.)
>
> In such a situation, the only safe thing one can do, is to
>
> a) change the whole behaviour of windows causing immense trouble porting
> applications.
>
> or better take it in your own hand.
>
> I think, that one has to write a flatfile engine, the faster, the better,
> that works with ! ! one ! file in the windows filesystem with a name, the
> coder choses and thinks to be secure. It could be a good open source
> project, to write a filesystem, that can be put into a binary file on any
> platform. A great step in compatibility between systems.
>
> Keep on testing software!
>
>
> Martin Werner
>
> P.S. Feel free to contact me at:
>
> www.martinwerner.de
> martin@martinwerner.de
>
>
-----
Profesionálové světového skateboardingu
na http://0g.cz/0107/mystic_sk8_cup
