diff options
Diffstat (limited to 'scp.c')
-rw-r--r-- | scp.c | 11 |
1 files changed, 8 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.162 2008/01/01 09:06:39 dtucker Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.163 2008/06/13 18:55:22 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -629,7 +629,8 @@ source(int argc, char **argv) | |||
629 | struct stat stb; | 629 | struct stat stb; |
630 | static BUF buffer; | 630 | static BUF buffer; |
631 | BUF *bp; | 631 | BUF *bp; |
632 | off_t i, amt, statbytes; | 632 | off_t i, statbytes; |
633 | size_t amt; | ||
633 | int fd = -1, haderr, indx; | 634 | int fd = -1, haderr, indx; |
634 | char *last, *name, buf[2048], encname[MAXPATHLEN]; | 635 | char *last, *name, buf[2048], encname[MAXPATHLEN]; |
635 | int len; | 636 | int len; |
@@ -650,6 +651,10 @@ source(int argc, char **argv) | |||
650 | syserr: run_err("%s: %s", name, strerror(errno)); | 651 | syserr: run_err("%s: %s", name, strerror(errno)); |
651 | goto next; | 652 | goto next; |
652 | } | 653 | } |
654 | if (stb.st_size < 0) { | ||
655 | run_err("%s: %s", name, "Negative file size"); | ||
656 | goto next; | ||
657 | } | ||
653 | unset_nonblock(fd); | 658 | unset_nonblock(fd); |
654 | switch (stb.st_mode & S_IFMT) { | 659 | switch (stb.st_mode & S_IFMT) { |
655 | case S_IFREG: | 660 | case S_IFREG: |
@@ -709,7 +714,7 @@ next: if (fd != -1) { | |||
709 | set_nonblock(remout); | 714 | set_nonblock(remout); |
710 | for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { | 715 | for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { |
711 | amt = bp->cnt; | 716 | amt = bp->cnt; |
712 | if (i + amt > stb.st_size) | 717 | if (i + (off_t)amt > stb.st_size) |
713 | amt = stb.st_size - i; | 718 | amt = stb.st_size - i; |
714 | if (!haderr) { | 719 | if (!haderr) { |
715 | if (atomicio(read, fd, bp->buf, amt) != amt) | 720 | if (atomicio(read, fd, bp->buf, amt) != amt) |