--- wget-1.10/src/ftp-basic.c 2005-05-16 16:08:57.000000000 -0600 +++ wget-1.10.2/src/ftp-basic.c 2007-01-13 13:50:44.000000000 -0700 @@ -1039,7 +1039,9 @@ first word of the server response)? */ request = strtok (NULL, " "); - if (!strcasecmp (request, "VMS")) + if (request == NULL) + *server_type = ST_OTHER; + else if (!strcasecmp (request, "VMS")) *server_type = ST_VMS; else if (!strcasecmp (request, "UNIX")) *server_type = ST_UNIX; @@ -1081,6 +1083,7 @@ return err; if (*respline == '5') { + err: xfree (respline); return FTPSRVERR; } @@ -1089,6 +1092,10 @@ and everything following it. */ strtok (respline, "\""); request = strtok (NULL, "\""); + if (!request) + /* Treat the malformed response as an error, which the caller has + to handle gracefully anyway. */ + goto err; /* Has the `pwd' been already allocated? Free! */ xfree_null (*pwd);