Author: emaste
Date: Wed Jan 16 15:19:09 2019
New Revision: 343098
URL: https://svnweb.freebsd.org/changeset/base/343098

Log:
  MFC r343043: scp: disallow empty or current directory

  Obtained from: OpenBSD scp.c 1.198
  Security: CVE-2018-20685
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/10/crypto/openssh/scp.c
Directory Properties:
  stable/10/ (props changed)

Modified: stable/10/crypto/openssh/scp.c ============================================================================== --- stable/10/crypto/openssh/scp.c Wed Jan 16 15:15:04 2019 (r343097) +++ stable/10/crypto/openssh/scp.c Wed Jan 16 15:19:09 2019 (r343098) @@ -1048,7 +1048,8 @@ sink(int argc, char **argv) size = size * 10 + (*cp++ - '0'); if (*cp++ != ' ') SCREWUP("size not delimited"); - if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { + if (*cp == '\0' || strchr(cp, '/') != NULL || + strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { run_err("error: unexpected filename: %s", cp); exit(1); }
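
Review bot: In the new condition in sink(), the `*cp == '\0'` case falls through to `run_err("error: unexpected filename: %s", cp)` with an empty string, so the reported message ends right after the colon and does not tell the user that the name was empty. Consider putting the name in quotes in the format string, or giving the empty case its own message. The condition now rejects four different things (empty name, a name containing '/', ".", and ".."), and nothing in the hunk says why. A one-line comment above the `if`, stating that the name must refer to a single entry inside the target directory and never to the directory itself, would tie the check to the CVE-2018-20685 reference in the log and make it harder for a later cleanup to drop the "." or empty-name test.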