-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | scp.c | 23 |
2 files changed, 20 insertions, 9 deletions
@@ -20,6 +20,10 @@ | |||
20 | [sshd.8] | 20 | [sshd.8] |
21 | typos; sshd(8): help and ok markus@ | 21 | typos; sshd(8): help and ok markus@ |
22 | help and ok millert@ | 22 | help and ok millert@ |
23 | - markus@cvs.openbsd.org 2003/02/02 10:51:13 | ||
24 | [scp.c] | ||
25 | call okname() only when using system(3) for remote-remote copy; | ||
26 | fixes bugs #483, #472; ok deraadt@, mouring@ | ||
23 | 27 | ||
24 | 20030211 | 28 | 20030211 |
25 | - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com | 29 | - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com |
@@ -1120,4 +1124,4 @@ | |||
1120 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1124 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1121 | ok provos@ | 1125 | ok provos@ |
1122 | 1126 | ||
1123 | $Id: ChangeLog,v 1.2598 2003/02/24 00:52:26 djm Exp $ | 1127 | $Id: ChangeLog,v 1.2599 2003/02/24 00:52:58 djm Exp $ |
@@ -75,7 +75,7 @@ | |||
75 | */ | 75 | */ |
76 | 76 | ||
77 | #include "includes.h" | 77 | #include "includes.h" |
78 | RCSID("$OpenBSD: scp.c,v 1.100 2003/01/23 14:06:15 markus Exp $"); | 78 | RCSID("$OpenBSD: scp.c,v 1.101 2003/02/02 10:51:13 markus Exp $"); |
79 | 79 | ||
80 | #include "xmalloc.h" | 80 | #include "xmalloc.h" |
81 | #include "atomicio.h" | 81 | #include "atomicio.h" |
@@ -370,8 +370,6 @@ toremote(targ, argc, argv) | |||
370 | tuser = argv[argc - 1]; | 370 | tuser = argv[argc - 1]; |
371 | if (*tuser == '\0') | 371 | if (*tuser == '\0') |
372 | tuser = NULL; | 372 | tuser = NULL; |
373 | else if (!okname(tuser)) | ||
374 | exit(1); | ||
375 | } else { | 373 | } else { |
376 | thost = argv[argc - 1]; | 374 | thost = argv[argc - 1]; |
377 | tuser = NULL; | 375 | tuser = NULL; |
@@ -399,6 +397,8 @@ toremote(targ, argc, argv) | |||
399 | suser = pwd->pw_name; | 397 | suser = pwd->pw_name; |
400 | else if (!okname(suser)) | 398 | else if (!okname(suser)) |
401 | continue; | 399 | continue; |
400 | if (tuser && !okname(tuser)) | ||
401 | continue; | ||
402 | snprintf(bp, len, | 402 | snprintf(bp, len, |
403 | "%s%s %s -n " | 403 | "%s%s %s -n " |
404 | "-l %s %s %s %s '%s%s%s:%s'", | 404 | "-l %s %s %s %s '%s%s%s:%s'", |
@@ -472,8 +472,6 @@ tolocal(argc, argv) | |||
472 | suser = argv[i]; | 472 | suser = argv[i]; |
473 | if (*suser == '\0') | 473 | if (*suser == '\0') |
474 | suser = pwd->pw_name; | 474 | suser = pwd->pw_name; |
475 | else if (!okname(suser)) | ||
476 | continue; | ||
477 | } | 475 | } |
478 | host = cleanhostname(host); | 476 | host = cleanhostname(host); |
479 | len = strlen(src) + CMDNEEDS + 20; | 477 | len = strlen(src) + CMDNEEDS + 20; |
@@ -1085,9 +1083,18 @@ okname(cp0) | |||
1085 | c = (int)*cp; | 1083 | c = (int)*cp; |
1086 | if (c & 0200) | 1084 | if (c & 0200) |
1087 | goto bad; | 1085 | goto bad; |
1088 | if (!isalpha(c) && !isdigit(c) && | 1086 | if (!isalpha(c) && !isdigit(c)) { |
1089 | c != '@' && c != '_' && c != '-' && c != '.' && c != '+') | 1087 | switch (c) { |
1090 | goto bad; | 1088 | case '\'': |
1089 | case '"': | ||
1090 | case '`': | ||
1091 | case ' ': | ||
1092 | case '#': | ||
1093 | goto bad; | ||
1094 | default: | ||
1095 | break; | ||
1096 | } | ||
1097 | } | ||
1091 | } while (*++cp); | 1098 | } while (*++cp); |
1092 | return (1); | 1099 | return (1); |
1093 | 1100 | ||
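Review bot: The new `switch` in okname() rejects only five characters (single quote, double quote, backquote, space and `#`), where the removed test accepted only alphanumerics and `@ _ - . +`, so the check is now a denylist even though, per the ChangeLog entry, its result still guards a string passed to system(3). In the toremote hunk suser is formatted into `-l %s` outside any quoting, and characters such as `;`, `|`, `&`, `$`, `\`, `<`, `>`, parentheses and control characters now pass okname(). If the aim is to admit more user names (the cited bugs are not shown on this page), I would keep an allowlist and widen it, or at least add `if (iscntrl(c)) goto bad;` and the remaining shell metacharacters as further `case` labels before `goto bad;`. A one-line comment above the `switch` stating that okname() is the only filter before system(3) would make the constraint visible to the next reader. The bodies of okname() and toremote() start outside the hunks shown.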