RE: Windows MS-DOS Device Name DoS vulnerabilities

["David LeBlanc" <dleblanc () mindspring com>]

> -----Original Message-----
> From: Martin Werner [mailto:bugtraq () martinwerner de]
> Sent: Monday, July 16, 2001 3:31 AM
> To: BUGTRAQ () SECURITYFOCUS COM
> Subject: AW: Windows MS-DOS Device Name DoS vulnerabilities
>
>
> Just want to give a new thought.
>
> Fact is, that on the one hand side, its merely impossible to
> write an safe
> ftp server using Microsofts Filesystem, because device names can cause
> trouble (and I think, this is not a bug, but it's been discussed)

I beg to differ. First, let's distinguish between file systems. If you say
that it wouldn't be advisable to write a FTP server designed to run on FAT
file systems, then I'd be inclined to agree. You can, OTOH, do a lot of work
to re-implement file system security sufficient for a FTP server and be OK.

Now, on to the issue with device names - this isn't all that terribly
difficult, and is part of proper file canonicalization practices. A call to
CreateFile() on a device name will always succeed (or possibly blow up an
unpatched Win9x system, so go get the patch or consider running your FTP
server on NT or Win2k). Next, a call to GetFileInformationByHandle() will
always fail if it is a device. GetFileType() can also be used to determine
whether something is a device.

David LeBlanc
dleblanc () mindspring com