diff options
author | Colin Watson <cjwatson@debian.org> | 2019-01-12 18:47:36 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2019-01-12 18:48:52 +0000 |
commit | 7e34cc252e1c42369aaaa8e1c379699ccf8c9e0e (patch) | |
tree | 642e1d00319b5f4abafeea0887c29d7904f873ed /scp.c | |
parent | a604dd3f234ebbb2823e6af39d58966d4c7d7282 (diff) | |
parent | dee21e97428e69d30e2d15c71f3e7cc08bf8e4f8 (diff) |
scp: disallow empty incoming filename or "."
Closes: #919101
Diffstat (limited to 'scp.c')
-rw-r--r-- | scp.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1114,7 +1114,8 @@ sink(int argc, char **argv) | |||
1114 | SCREWUP("size out of range"); | 1114 | SCREWUP("size out of range"); |
1115 | size = (off_t)ull; | 1115 | size = (off_t)ull; |
1116 | 1116 | ||
1117 | if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { | 1117 | if (*cp == '\0' || strchr(cp, '/') != NULL || |
1118 | strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { | ||
1118 | run_err("error: unexpected filename: %s", cp); | 1119 | run_err("error: unexpected filename: %s", cp); |
1119 | exit(1); | 1120 | exit(1); |
1120 | } | 1121 | } |