authorDamien Miller <djm@mindrot.org>2003-02-24 11:52:58 +1100
committerDamien Miller <djm@mindrot.org>2003-02-24 11:52:58 +1100
commiteeeeb3517e3b878bc4d2f8db9cbebd8e912b0cca (patch)
tree8daa1bc48e6f7a51eb515519f30c72ef2537fa09
parentffadc583f63eb8b37750bdce6b70c6102ae621b4 (diff)
- markus@cvs.openbsd.org 2003/02/02 10:51:13
[scp.c] call okname() only when using system(3) for remote-remote copy; fixes bugs #483, #472; ok deraadt@, mouring@
-rw-r--r--ChangeLog6
-rw-r--r--scp.c23
2 files changed, 20 insertions, 9 deletions
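--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,10 @@
  [sshd.8]
  typos; sshd(8): help and ok markus@
  help and ok millert@
+ - markus@cvs.openbsd.org 2003/02/02 10:51:13
+ [scp.c]
+ call okname() only when using system(3) for remote-remote copy;
+ fixes bugs #483, #472; ok deraadt@, mouring@
 
 20030211
  - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com
@@ -1120,4 +1124,4 @@
  save auth method before monitor_reset_key_state(); bugzilla bug #284;
  ok provos@
 
-$Id: ChangeLog,v 1.2598 2003/02/24 00:52:26 djm Exp $
+$Id: ChangeLog,v 1.2599 2003/02/24 00:52:58 djm Exp $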
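--- a/scp.c
+++ b/scp.c
@@ -75,7 +75,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.100 2003/01/23 14:06:15 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.101 2003/02/02 10:51:13 markus Exp $");
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -370,8 +370,6 @@ toremote(targ, argc, argv)
  tuser = argv[argc - 1];
  if (*tuser == '\0')
  tuser = NULL;
- else if (!okname(tuser))
- exit(1);
  } else {
  thost = argv[argc - 1];
  tuser = NULL;
@@ -399,6 +397,8 @@ toremote(targ, argc, argv)
  suser = pwd->pw_name;
  else if (!okname(suser))
  continue;
+ if (tuser && !okname(tuser))
+ continue;
  snprintf(bp, len,
  "%s%s %s -n "
  "-l %s %s %s %s '%s%s%s:%s'",
@@ -472,8 +472,6 @@ tolocal(argc, argv)
  suser = argv[i];
  if (*suser == '\0')
  suser = pwd->pw_name;
- else if (!okname(suser))
- continue;
  }
  host = cleanhostname(host);
  len = strlen(src) + CMDNEEDS + 20;
@@ -1085,9 +1083,18 @@ okname(cp0)
  c = (int)*cp;
  if (c & 0200)
  goto bad;
- if (!isalpha(c) && !isdigit(c) &&
- c != '@' && c != '_' && c != '-' && c != '.' && c != '+')
- goto bad;
+ if (!isalpha(c) && !isdigit(c)) {
+ switch (c) {
+ case '\'':
+ case '"':
+ case '`':
+ case ' ':
+ case '#':
+ goto bad;
+ default:
+ break;
+ }
+ }
  } while (*++cp);
  return (1);
 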
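Review bot: The rewritten test in okname() turns an allowlist into a denylist of five characters (single quote, double quote, backquote, space and `#`), so a user name containing any other shell metacharacter (`;`, `|`, `&`, `$`, `<`, `>`, parentheses, newline) now passes, and okname() is the only filter left before the string reaches system(3). In the toremote() hunk the source user appears to be interpolated unquoted after `-l %s`, which is where an unfiltered separator would matter most; the target user sits inside `'...'`, where the single-quote case already covers it. I would either extend the switch with `case ';': case '|': case '&': case '$': case '<': case '>': case '(': case ')': case '\n':` ahead of `goto bad;`, or keep the previous allowlist and add only the characters bugs #483 and #472 actually need, which this page does not show. A comment above the switch such as `/* reject characters the shell would interpret: this name is pasted into a system(3) command line */` would record why the list exists; okname()'s body starts and ends outside the hunk, so its callers and the `bad:` label were not reviewed.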