[New-bugs-announce] [issue26529] urllib.request: ftplib's cwd() can do harm
Vadim Markovtsev
report at bugs.python.org
Thu Mar 10 07:41:35 EST 2016
New submission from Vadim Markovtsev:
urllib/request.py, near line 2345
# Set transfer mode to ASCII!
self.ftp.voidcmd('TYPE A')
# Try a directory listing. Verify that directory exists.
if file:
pwd = self.ftp.pwd()
try:
try:
self.ftp.cwd(file)
except ftplib.error_perm as reason:
raise URLError('ftp error: %r' % reason) from reason
finally:
self.ftp.cwd(pwd)
cmd = 'LIST ' + file
else:
cmd = 'LIST'
conn, retrlen = self.ftp.ntransfercmd(cmd)
and near line 2314:
def init(self):
import ftplib
self.busy = 0
self.ftp = ftplib.FTP()
self.ftp.connect(self.host, self.port, self.timeout)
self.ftp.login(self.user, self.passwd)
_target = '/'.join(self.dirs)
self.ftp.cwd(_target)
The fact is, one can download a file from FTP without accessing the listing of it's parent directory. Example: ftp://ftp.apnic.net/apnic/whois-data/APNIC/split/apnic.db.inetnum.gz (African whois db). So these cwd() calls prevent from successfully downloading the file. If the corresponding blocks are commented out, the file is downloaded OK.
I am not sure how to fix this, rather than totally remove cwd() stuff.
----------
components: Library (Lib)
messages: 261498
nosy: Vadim Markovtsev
priority: normal
severity: normal
status: open
title: urllib.request: ftplib's cwd() can do harm
type: behavior
versions: Python 2.7, Python 3.2, Python 3.3, Python 3.4, Python 3.5, Python 3.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26529>
_______________________________________
More information about the New-bugs-announce
mailing list