diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2003-01-14 10:58:01 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2003-01-14 10:58:01 +0000 |
| commit | 806a307c4d599810387d1121125ca352e2225b54 (patch) | |
| tree | 50f7076e11d3af4fafa56ebedb11bb2f8de278de /usr.bin | |
| parent | 25c9e779d3fc17d1be38b8a5d622c16a2639b34c (diff) | |
Don't try to upload or download non-regular files. Report from
apoloval@pantuflo.escet.urjc.es; ok markus@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/sftp-client.c | 11 | ||||
| -rw-r--r-- | usr.bin/ssh/sftp-int.c | 24 |
2 files changed, 31 insertions, 4 deletions
diff --git a/usr.bin/ssh/sftp-client.c b/usr.bin/ssh/sftp-client.c index bf2d52c625e..dac54117b51 100644 --- a/usr.bin/ssh/sftp-client.c +++ b/usr.bin/ssh/sftp-client.c @@ -28,7 +28,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.40 2003/01/10 08:48:15 djm Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $"); #include <sys/queue.h> @@ -767,8 +767,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, mode = 0666; if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && - (a->perm & S_IFDIR)) { - error("Cannot download a directory: %s", remote_path); + (!S_ISREG(a->perm))) { + error("Cannot download non-regular file: %s", remote_path); return(-1); } @@ -998,6 +998,11 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, close(local_fd); return(-1); } + if (!S_ISREG(sb.st_mode)) { + error("%s is not a regular file", local_path); + close(local_fd); + return(-1); + } stat_to_attrib(&sb, &a); a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; diff --git a/usr.bin/ssh/sftp-int.c b/usr.bin/ssh/sftp-int.c index f3ae0bec900..d75420e6290 100644 --- a/usr.bin/ssh/sftp-int.c +++ b/usr.bin/ssh/sftp-int.c @@ -25,7 +25,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.54 2003/01/13 11:04:04 djm Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.55 2003/01/14 10:58:00 djm Exp $"); #include <glob.h> @@ -383,6 +383,17 @@ is_dir(char *path) } static int +is_reg(char *path) +{ + struct stat sb; + + if (stat(path, &sb) == -1) + fatal("stat %s: %s", path, strerror(errno)); + + return(S_ISREG(sb.st_mode)); +} + +static int remote_is_dir(struct sftp_conn *conn, char *path) { Attrib *a; @@ -496,6 +507,12 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) /* Only one match, dst may be file, directory or unspecified */ if (g.gl_pathv[0] && g.gl_matchc == 1) { + if (!is_reg(g.gl_pathv[i])) { + error("Can't upload %s: not a regular file", + g.gl_pathv[0]); + err = 1; + goto out; + } if (tmp_dst) { /* If directory specified, append filename */ if (remote_is_dir(conn, tmp_dst)) { @@ -527,6 +544,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) } for (i = 0; g.gl_pathv[i]; i++) { + if (!is_reg(g.gl_pathv[i])) { + error("skipping non-regular file %s", + g.gl_pathv[i]); + continue; + } if (infer_path(g.gl_pathv[i], &tmp)) { err = -1; goto out; |