From 5fa01fd7fba87bbd716b4ca32d4d7e2f7180975a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 14 Jan 2003 22:24:47 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2003/01/14 10:58:00 [sftp-client.c sftp-int.c] Don't try to upload or download non-regular files. Report from apoloval@pantuflo.escet.urjc.es; ok markus@ --- ChangeLog | 6 +++++- sftp-client.c | 11 ++++++++--- sftp-int.c | 24 +++++++++++++++++++++++- 3 files changed, 36 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index bbd769ebd..36d5d2ca0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,10 @@ [sftp-int.c] make cmds[] array static to avoid conflict with BSDI libc. mindrot bug #466. Fix from mdev@idg.nl; ok markus@ + - djm@cvs.openbsd.org 2003/01/14 10:58:00 + [sftp-client.c sftp-int.c] + Don't try to upload or download non-regular files. Report from + apoloval@pantuflo.escet.urjc.es; ok markus@ 20030113 - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type @@ -1017,4 +1021,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2571 2003/01/14 11:24:19 djm Exp $ +$Id: ChangeLog,v 1.2572 2003/01/14 11:24:47 djm Exp $ diff --git a/sftp-client.c b/sftp-client.c index 3fac22bee..8c12dae11 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -28,7 +28,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.40 2003/01/10 08:48:15 djm Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -767,8 +767,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, mode = 0666; if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && - (a->perm & S_IFDIR)) { - error("Cannot download a directory: %s", remote_path); + (!S_ISREG(a->perm))) { + error("Cannot download non-regular file: %s", remote_path); return(-1); } @@ -1002,6 +1002,11 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, close(local_fd); return(-1); } + if (!S_ISREG(sb.st_mode)) { + error("%s is not a regular file", local_path); + close(local_fd); + return(-1); + } stat_to_attrib(&sb, &a); a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; diff --git a/sftp-int.c b/sftp-int.c index 3438fdeb0..42040f5bd 100644 --- a/sftp-int.c +++ b/sftp-int.c @@ -25,7 +25,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.54 2003/01/13 11:04:04 djm Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.55 2003/01/14 10:58:00 djm Exp $"); #include "buffer.h" #include "xmalloc.h" @@ -380,6 +380,17 @@ is_dir(char *path) return(sb.st_mode & S_IFDIR); } +static int +is_reg(char *path) +{ + struct stat sb; + + if (stat(path, &sb) == -1) + fatal("stat %s: %s", path, strerror(errno)); + + return(S_ISREG(sb.st_mode)); +} + static int remote_is_dir(struct sftp_conn *conn, char *path) { @@ -494,6 +505,12 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) /* Only one match, dst may be file, directory or unspecified */ if (g.gl_pathv[0] && g.gl_matchc == 1) { + if (!is_reg(g.gl_pathv[i])) { + error("Can't upload %s: not a regular file", + g.gl_pathv[0]); + err = 1; + goto out; + } if (tmp_dst) { /* If directory specified, append filename */ if (remote_is_dir(conn, tmp_dst)) { @@ -525,6 +542,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) } for (i = 0; g.gl_pathv[i]; i++) { + if (!is_reg(g.gl_pathv[i])) { + error("skipping non-regular file %s", + g.gl_pathv[i]); + continue; + } if (infer_path(g.gl_pathv[i], &tmp)) { err = -1; goto out;