From 70cc092817a61af78c751b8f7a8ac5dcabfeae00 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 9 Jan 2010 22:28:03 +1100 Subject: [PATCH] - dtucker@cvs.openbsd.org 2010/01/09 11:13:02 [sftp.c] Prevent sftp from derefing a null pointer when given a "-" without a command. Also, allow whitespace to follow a "-". bz#1691, path from Colin Watson via Debian. ok djm@ deraadt@ --- ChangeLog | 5 +++++ sftp.c | 11 ++++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9eda2f396..094d1bec3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -23,6 +23,11 @@ - dtucker@cvs.openbsd.org 2010/01/09 05:17:00 [roaming_client.c] Remove a PRIu64 format string that snuck in with roaming. ok djm@ + - dtucker@cvs.openbsd.org 2010/01/09 11:13:02 + [sftp.c] + Prevent sftp from derefing a null pointer when given a "-" without a + command. Also, allow whitespace to follow a "-". bz#1691, path from + Colin Watson via Debian. ok djm@ deraadt@ 20091208 - (dtucker) OpenBSD CVS Sync diff --git a/sftp.c b/sftp.c index 9f5fa354d..78f8ca178 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.117 2010/01/08 21:50:49 dtucker Exp $ */ +/* $OpenBSD: sftp.c,v 1.118 2010/01/09 11:13:02 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1112,17 +1112,18 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag, /* Skip leading whitespace */ cp = cp + strspn(cp, WHITESPACE); - /* Ignore blank lines and lines which begin with comment '#' char */ - if (*cp == '\0' || *cp == '#') - return (0); - /* Check for leading '-' (disable error processing) */ *iflag = 0; if (*cp == '-') { *iflag = 1; cp++; + cp = cp + strspn(cp, WHITESPACE); } + /* Ignore blank lines and lines which begin with comment '#' char */ + if (*cp == '\0' || *cp == '#') + return (0); + if ((argv = makeargv(cp, &argc, 0, NULL, NULL)) == NULL) return -1;