From 1845fe6bda0729e52f4c645137f4fc3070b5438a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 2 Jul 2014 15:29:01 +1000 Subject: - djm@cvs.openbsd.org 2014/06/24 02:21:01 [scp.c] when copying local->remote fails during read, don't send uninitialised heap to the remote end. Reported by Jann Horn --- scp.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'scp.c') diff --git a/scp.c b/scp.c index 18d3b1dc9..1ec3b7087 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.179 2013/11/20 20:53:10 deraadt Exp $ */ +/* $OpenBSD: scp.c,v 1.180 2014/06/24 02:21:01 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -747,7 +747,7 @@ source(int argc, char **argv) static BUF buffer; BUF *bp; off_t i, statbytes; - size_t amt; + size_t amt, nr; int fd = -1, haderr, indx; char *last, *name, buf[2048], encname[MAXPATHLEN]; int len; @@ -820,12 +820,16 @@ next: if (fd != -1) { if (i + (off_t)amt > stb.st_size) amt = stb.st_size - i; if (!haderr) { - if (atomicio(read, fd, bp->buf, amt) != amt) + if ((nr = atomicio(read, fd, + bp->buf, amt)) != amt) { haderr = errno; + memset(bp->buf + nr, 0, amt - nr); + } } /* Keep writing after error to retain sync */ if (haderr) { (void)atomicio(vwrite, remout, bp->buf, amt); + memset(bp->buf, 0, amt); continue; } if (atomicio6(vwrite, remout, bp->buf, amt, scpio, -- cgit v1.2.3 From fd174c13c46191abdb33c0a45545573a8e06b061 Mon Sep 17 00:00:00 2001 From: Nicolas Valcárcel Date: Sun, 9 Feb 2014 16:09:59 +0000 Subject: Adjust scp quoting in verbose mode Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch --- scp.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'scp.c') diff --git a/scp.c b/scp.c index 1ec3b7087..a1b318b9f 100644 --- a/scp.c +++ b/scp.c @@ -189,8 +189,16 @@ do_local_cmd(arglist *a) if (verbose_mode) { fprintf(stderr, "Executing:"); - for (i = 0; i < a->num; i++) - fprintf(stderr, " %s", a->list[i]); + for (i = 0; i < a->num; i++) { + if (i == 0) + fprintf(stderr, " %s", a->list[i]); + else + /* + * TODO: misbehaves if a->list[i] contains a + * single quote + */ + fprintf(stderr, " '%s'", a->list[i]); + } fprintf(stderr, "\n"); } if ((pid = fork()) == -1) -- cgit v1.2.3