- djm@cvs.openbsd.org 2003/01/14 10:58:00

[sftp-client.c sftp-int.c] Don't try to upload or download non-regular files. Report from apoloval@pantuflo.escet.urjc.es; ok markus@
2003-01-14 22:24:47 +11:00 · 2003-01-14 22:24:47 +11:00 · 5fa01fd7fb
parent 7a992387cb
commit 5fa01fd7fb
3 changed files with 36 additions and 5 deletions
--- a/6
+++ b/6
@ -14,6 +14,10 @@
     [sftp-int.c]
     make cmds[] array static to avoid conflict with BSDI libc.
     mindrot bug #466. Fix from mdev@idg.nl; ok markus@
+   - djm@cvs.openbsd.org 2003/01/14 10:58:00
+     [sftp-client.c sftp-int.c]
+     Don't try to upload or download non-regular files. Report from
+     apoloval@pantuflo.escet.urjc.es; ok markus@

 20030113
 - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type
@ -1017,4 +1021,4 @@
     save auth method before monitor_reset_key_state(); bugzilla bug #284;
     ok provos@

-$Id: ChangeLog,v 1.2571 2003/01/14 11:24:19 djm Exp $
+$Id: ChangeLog,v 1.2572 2003/01/14 11:24:47 djm Exp $
--- a/sftp-client.c
+++ b/sftp-client.c
@ -28,7 +28,7 @@
 /* XXX: copy between two remote sites */

 #include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.40 2003/01/10 08:48:15 djm Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $");

 #include "openbsd-compat/sys-queue.h"

@ -767,8 +767,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
 		mode = 0666;

 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
-	    (a->perm & S_IFDIR)) {
-		error("Cannot download a directory: %s", remote_path);
+	    (!S_ISREG(a->perm))) {
+		error("Cannot download non-regular file: %s", remote_path);
 		return(-1);
 	}

@ -1002,6 +1002,11 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 		close(local_fd);
 		return(-1);
 	}
+	if (!S_ISREG(sb.st_mode)) {
+		error("%s is not a regular file", local_path);
+		close(local_fd);
+		return(-1);
+	}
 	stat_to_attrib(&sb, &a);

 	a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
--- a/sftp-int.c
+++ b/sftp-int.c
@ -25,7 +25,7 @@
 /* XXX: recursive operations */

 #include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.54 2003/01/13 11:04:04 djm Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.55 2003/01/14 10:58:00 djm Exp $");

 #include "buffer.h"
 #include "xmalloc.h"
@ -380,6 +380,17 @@ is_dir(char *path)
 	return(sb.st_mode & S_IFDIR);
 }

+static int
+is_reg(char *path)
+{
+	struct stat sb;
+
+	if (stat(path, &sb) == -1)
+		fatal("stat %s: %s", path, strerror(errno));
+
+	return(S_ISREG(sb.st_mode));
+}
+
 static int
 remote_is_dir(struct sftp_conn *conn, char *path)
 {
@ -494,6 +505,12 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)

 	/* Only one match, dst may be file, directory or unspecified */
 	if (g.gl_pathv[0] && g.gl_matchc == 1) {
+		if (!is_reg(g.gl_pathv[i])) {
+			error("Can't upload %s: not a regular file",
+			    g.gl_pathv[0]);
+			err = 1;
+			goto out;
+		}
 		if (tmp_dst) {
 			/* If directory specified, append filename */
 			if (remote_is_dir(conn, tmp_dst)) {
@ -525,6 +542,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
 	}

 	for (i = 0; g.gl_pathv[i]; i++) {
+		if (!is_reg(g.gl_pathv[i])) {
+			error("skipping non-regular file %s", 
+			    g.gl_pathv[i]);
+			continue;
+		}
 		if (infer_path(g.gl_pathv[i], &tmp)) {
 			err = -1;
 			goto out;