diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-08-06 21:30:53 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-08-06 21:30:53 +0000 |
commit | 95148e3de293052afa4cc7708bc1547c697903cc (patch) | |
tree | e57e64ddd5813b7e5ec6979b5aec0529eab77274 | |
parent | ae996bf7d1967c83a0e0d71e9e89fa9a27d839f9 (diff) |
- jakob@cvs.openbsd.org 2001/07/31 12:42:50
[sftp-int.c sftp-server.c]
avoid paths beginning with "//"; <vinschen@redhat.com>
ok markus@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sftp-int.c | 5 | ||||
-rw-r--r-- | sftp-server.c | 6 |
3 files changed, 11 insertions, 6 deletions
@@ -80,6 +80,10 @@ | |||
80 | add 'SmartcardDevice' client option to specify which smartcard device | 80 | add 'SmartcardDevice' client option to specify which smartcard device |
81 | is used to access a smartcard used for storing the user's private RSA | 81 | is used to access a smartcard used for storing the user's private RSA |
82 | key. ok markus@. | 82 | key. ok markus@. |
83 | - jakob@cvs.openbsd.org 2001/07/31 12:42:50 | ||
84 | [sftp-int.c sftp-server.c] | ||
85 | avoid paths beginning with "//"; <vinschen@redhat.com> | ||
86 | ok markus@ | ||
83 | 87 | ||
84 | 20010803 | 88 | 20010803 |
85 | - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on | 89 | - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on |
@@ -6190,4 +6194,4 @@ | |||
6190 | - Wrote replacements for strlcpy and mkdtemp | 6194 | - Wrote replacements for strlcpy and mkdtemp |
6191 | - Released 1.0pre1 | 6195 | - Released 1.0pre1 |
6192 | 6196 | ||
6193 | $Id: ChangeLog,v 1.1446 2001/08/06 21:27:53 mouring Exp $ | 6197 | $Id: ChangeLog,v 1.1447 2001/08/06 21:30:53 mouring Exp $ |
diff --git a/sftp-int.c b/sftp-int.c index 573fea1df..0851e63a2 100644 --- a/sftp-int.c +++ b/sftp-int.c | |||
@@ -26,7 +26,7 @@ | |||
26 | /* XXX: recursive operations */ | 26 | /* XXX: recursive operations */ |
27 | 27 | ||
28 | #include "includes.h" | 28 | #include "includes.h" |
29 | RCSID("$OpenBSD: sftp-int.c,v 1.38 2001/07/09 07:04:53 deraadt Exp $"); | 29 | RCSID("$OpenBSD: sftp-int.c,v 1.39 2001/07/31 12:42:50 jakob Exp $"); |
30 | 30 | ||
31 | #include "buffer.h" | 31 | #include "buffer.h" |
32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
@@ -204,7 +204,8 @@ path_append(char *p1, char *p2) | |||
204 | 204 | ||
205 | ret = xmalloc(len); | 205 | ret = xmalloc(len); |
206 | strlcpy(ret, p1, len); | 206 | strlcpy(ret, p1, len); |
207 | strlcat(ret, "/", len); | 207 | if (strcmp(p1, "/") != 0) |
208 | strlcat(ret, "/", len); | ||
208 | strlcat(ret, p2, len); | 209 | strlcat(ret, p2, len); |
209 | 210 | ||
210 | return(ret); | 211 | return(ret); |
diff --git a/sftp-server.c b/sftp-server.c index 5f1b37b01..2ef9753bf 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: sftp-server.c,v 1.29 2001/06/25 08:25:40 markus Exp $"); | 25 | RCSID("$OpenBSD: sftp-server.c,v 1.30 2001/07/31 12:42:50 jakob Exp $"); |
26 | 26 | ||
27 | #include "buffer.h" | 27 | #include "buffer.h" |
28 | #include "bufaux.h" | 28 | #include "bufaux.h" |
@@ -756,8 +756,8 @@ process_readdir(void) | |||
756 | stats = xrealloc(stats, nstats * sizeof(Stat)); | 756 | stats = xrealloc(stats, nstats * sizeof(Stat)); |
757 | } | 757 | } |
758 | /* XXX OVERFLOW ? */ | 758 | /* XXX OVERFLOW ? */ |
759 | snprintf(pathname, sizeof pathname, | 759 | snprintf(pathname, sizeof pathname, "%s%s%s", path, |
760 | "%s/%s", path, dp->d_name); | 760 | strcmp(path, "/") ? "/" : "", dp->d_name); |
761 | if (lstat(pathname, &st) < 0) | 761 | if (lstat(pathname, &st) < 0) |
762 | continue; | 762 | continue; |
763 | stat_to_attrib(&st, &(stats[count].attrib)); | 763 | stat_to_attrib(&st, &(stats[count].attrib)); |