- halex@cvs.openbsd.org 2009/11/22 13:18:00

     [sftp.c]
     make passing of zero-length arguments to ssh safe by
     passing "-<switch>" "<value>" rather than "-<switch><value>"
     ok dtucker@, guenther@, djm@

2 files changed, 8 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 7a2a0e322..6d6dacd88 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -87,6 +87,11 @@
      to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
      work.  Note that nothing in OpenSSH actually uses close to this limit at
      present.  bz#1607 from Jan.Pechanec AT Sun.COM
+   - halex@cvs.openbsd.org 2009/11/22 13:18:00
+     [sftp.c]
+     make passing of zero-length arguments to ssh safe by
+     passing "-<switch>" "<value>" rather than "-<switch><value>"
+     ok dtucker@, guenther@, djm@
 
 20091226
  - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
diff --git a/sftp.c b/sftp.c
index 85e5505b5..2ce7cc1e1 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.112 2009/11/20 00:54:01 djm Exp $ */
+/* $OpenBSD: sftp.c,v 1.113 2009/11/22 13:18:00 halex Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -1719,7 +1719,8 @@ main(int argc, char **argv)
                 case 'c':
                 case 'i':
                 case 'o':
-                        addargs(&args, "-%c%s", ch, optarg);
+                        addargs(&args, "-%c", ch);
+                        addargs(&args, "%s", optarg);
                         break;
                 case 'q':
                         showprogress = 0;