From 11b88754cadcad0ba79b4ffcc127223248dccb54 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Wed, 23 Jan 2019 08:01:46 +0000
Subject: upstream: Sanitize scp filenames via snmprintf. To do this we move

the progressmeter formatting outside of signal handler context and have the
atomicio callback called for EINTR too.  bz#2434 with contributions from djm
and jjelen at redhat.com, ok djm@

OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8

CVE-2019-6109

Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=8976f1c4b2721c26e878151f52bdf346dfe2d54c
Bug-Debian: https://bugs.debian.org/793412
Last-Update: 2019-02-08

Patch-Name: sanitize-scp-filenames-via-snmprintf.patch
---
 scp.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'scp.c')

diff --git a/scp.c b/scp.c
index 7163d33dc..80308573c 100644
--- a/scp.c
+++ b/scp.c
@@ -593,6 +593,7 @@ scpio(void *_cnt, size_t s)
 	off_t *cnt = (off_t *)_cnt;
 
 	*cnt += s;
+	refresh_progress_meter();
 	if (limit_kbps > 0)
 		bandwidth_limit(&bwlimit, s);
 	return 0;
-- 
cgit v1.2.3