diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 18:53:43 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 18:53:43 +1100 |
| commit | b8c884a0ba4050e4267be786414127c0f09d5544 (patch) | |
| tree | 18b20493bb52430d446f913e608968eb00dd49d3 /scp.c | |
| parent | 57e0d01260d3c1c7bf9366eed58c54a96eedbc81 (diff) | |
- guenther@cvs.openbsd.org 2009/12/20 07:28:36
[ssh.c sftp.c scp.c]
When passing user-controlled options with arguments to other programs,
pass the option and option argument as separate argv entries and
not smashed into one (e.g., as -l foo and not -lfoo). Also, always
pass a "--" argument to stop option parsing, so that a positional
argument that starts with a '-' isn't treated as an option. This
fixes some error cases as well as the handling of hostnames and
filenames that start with a '-'.
Based on a diff by halex@
ok halex@ djm@ deraadt@
Diffstat (limited to 'scp.c')
| -rw-r--r-- | scp.c | 21 |
1 files changed, 14 insertions, 7 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: scp.c,v 1.164 2008/10/10 04:55:16 stevesk Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.165 2009/12/20 07:28:36 guenther Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
| 4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
| @@ -244,8 +244,11 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) | |||
| 244 | close(pout[1]); | 244 | close(pout[1]); |
| 245 | 245 | ||
| 246 | replacearg(&args, 0, "%s", ssh_program); | 246 | replacearg(&args, 0, "%s", ssh_program); |
| 247 | if (remuser != NULL) | 247 | if (remuser != NULL) { |
| 248 | addargs(&args, "-l%s", remuser); | 248 | addargs(&args, "-l"); |
| 249 | addargs(&args, "%s", remuser); | ||
| 250 | } | ||
| 251 | addargs(&args, "--"); | ||
| 249 | addargs(&args, "%s", host); | 252 | addargs(&args, "%s", host); |
| 250 | addargs(&args, "%s", cmd); | 253 | addargs(&args, "%s", cmd); |
| 251 | 254 | ||
| @@ -337,10 +340,12 @@ main(int argc, char **argv) | |||
| 337 | case 'c': | 340 | case 'c': |
| 338 | case 'i': | 341 | case 'i': |
| 339 | case 'F': | 342 | case 'F': |
| 340 | addargs(&args, "-%c%s", ch, optarg); | 343 | addargs(&args, "-%c", ch); |
| 344 | addargs(&args, "%s", optarg); | ||
| 341 | break; | 345 | break; |
| 342 | case 'P': | 346 | case 'P': |
| 343 | addargs(&args, "-p%s", optarg); | 347 | addargs(&args, "-p"); |
| 348 | addargs(&args, "%s", optarg); | ||
| 344 | break; | 349 | break; |
| 345 | case 'B': | 350 | case 'B': |
| 346 | addargs(&args, "-oBatchmode yes"); | 351 | addargs(&args, "-oBatchmode yes"); |
| @@ -548,6 +553,7 @@ toremote(char *targ, int argc, char **argv) | |||
| 548 | } else { | 553 | } else { |
| 549 | host = cleanhostname(argv[i]); | 554 | host = cleanhostname(argv[i]); |
| 550 | } | 555 | } |
| 556 | addargs(&alist, "--"); | ||
| 551 | addargs(&alist, "%s", host); | 557 | addargs(&alist, "%s", host); |
| 552 | addargs(&alist, "%s", cmd); | 558 | addargs(&alist, "%s", cmd); |
| 553 | addargs(&alist, "%s", src); | 559 | addargs(&alist, "%s", src); |
| @@ -558,7 +564,7 @@ toremote(char *targ, int argc, char **argv) | |||
| 558 | errs = 1; | 564 | errs = 1; |
| 559 | } else { /* local to remote */ | 565 | } else { /* local to remote */ |
| 560 | if (remin == -1) { | 566 | if (remin == -1) { |
| 561 | xasprintf(&bp, "%s -t %s", cmd, targ); | 567 | xasprintf(&bp, "%s -t -- %s", cmd, targ); |
| 562 | host = cleanhostname(thost); | 568 | host = cleanhostname(thost); |
| 563 | if (do_cmd(host, tuser, bp, &remin, | 569 | if (do_cmd(host, tuser, bp, &remin, |
| 564 | &remout) < 0) | 570 | &remout) < 0) |
| @@ -591,6 +597,7 @@ tolocal(int argc, char **argv) | |||
| 591 | addargs(&alist, "-r"); | 597 | addargs(&alist, "-r"); |
| 592 | if (pflag) | 598 | if (pflag) |
| 593 | addargs(&alist, "-p"); | 599 | addargs(&alist, "-p"); |
| 600 | addargs(&alist, "--"); | ||
| 594 | addargs(&alist, "%s", argv[i]); | 601 | addargs(&alist, "%s", argv[i]); |
| 595 | addargs(&alist, "%s", argv[argc-1]); | 602 | addargs(&alist, "%s", argv[argc-1]); |
| 596 | if (do_local_cmd(&alist)) | 603 | if (do_local_cmd(&alist)) |
| @@ -610,7 +617,7 @@ tolocal(int argc, char **argv) | |||
| 610 | suser = pwd->pw_name; | 617 | suser = pwd->pw_name; |
| 611 | } | 618 | } |
| 612 | host = cleanhostname(host); | 619 | host = cleanhostname(host); |
| 613 | xasprintf(&bp, "%s -f %s", cmd, src); | 620 | xasprintf(&bp, "%s -f -- %s", cmd, src); |
| 614 | if (do_cmd(host, suser, bp, &remin, &remout) < 0) { | 621 | if (do_cmd(host, suser, bp, &remin, &remout) < 0) { |
| 615 | (void) xfree(bp); | 622 | (void) xfree(bp); |
| 616 | ++errs; | 623 | ++errs; |