From aec5cf8a30c1d44a0cc2da939d39d46cd078d602 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 10 Feb 2008 22:26:24 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2008/01/20 00:38:30 [sftp.c] When uploading, correctly handle the case of an unquoted filename with glob metacharacters that match a file exactly but not as a glob, e.g. a file called "[abcd]". report and test cases from duncan2nd AT gmx.de --- ChangeLog | 7 ++++++- sftp.c | 24 ++++++++++-------------- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3c5a374dc..82b1d8024 100644 --- a/ChangeLog +++ b/ChangeLog @@ -44,6 +44,11 @@ [readconf.c readconf.h sshconnect2.c] promote rekeylimit to a int64 so it can hold the maximum useful limit of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@ + - djm@cvs.openbsd.org 2008/01/20 00:38:30 + [sftp.c] + When uploading, correctly handle the case of an unquoted filename with + glob metacharacters that match a file exactly but not as a glob, e.g. a + file called "[abcd]". report and test cases from duncan2nd AT gmx.de 20080119 - (djm) Silence noice from expr in ssh-copy-id; patch from @@ -3572,4 +3577,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4828 2008/02/10 11:25:52 djm Exp $ +$Id: ChangeLog,v 1.4829 2008/02/10 11:26:24 djm Exp $ diff --git a/sftp.c b/sftp.c index db0a8d9af..861c3db05 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.98 2007/12/12 05:04:03 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.99 2008/01/20 00:38:30 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -433,17 +433,6 @@ is_dir(char *path) return(S_ISDIR(sb.st_mode)); } -static int -is_reg(char *path) -{ - struct stat sb; - - if (stat(path, &sb) == -1) - fatal("stat %s: %s", path, strerror(errno)); - - return(S_ISREG(sb.st_mode)); -} - static int remote_is_dir(struct sftp_conn *conn, char *path) { @@ -532,6 +521,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) glob_t g; int err = 0; int i; + struct stat sb; if (dst) { tmp_dst = xstrdup(dst); @@ -540,7 +530,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) memset(&g, 0, sizeof(g)); debug3("Looking up %s", src); - if (glob(src, 0, NULL, &g)) { + if (glob(src, GLOB_NOCHECK, NULL, &g)) { error("File \"%s\" not found.", src); err = -1; goto out; @@ -555,7 +545,13 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) } for (i = 0; g.gl_pathv[i] && !interrupted; i++) { - if (!is_reg(g.gl_pathv[i])) { + if (stat(g.gl_pathv[i], &sb) == -1) { + err = -1; + error("stat %s: %s", g.gl_pathv[i], strerror(errno)); + continue; + } + + if (!S_ISREG(sb.st_mode)) { error("skipping non-regular file %s", g.gl_pathv[i]); continue;