aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorEd Maste <emaste@FreeBSD.org>2019-01-16 15:15:04 +0000
committerEd Maste <emaste@FreeBSD.org>2019-01-16 15:15:04 +0000
commit46e043d174178ad7a370ad61acfc27aaf148ec60 (patch)
tree13e89b4a961fed1f5d61574d298c185b5cef6879 /crypto
parent01f260d3912b722988d71062a2b9c348958db781 (diff)
downloadsrc-46e043d174178ad7a370ad61acfc27aaf148ec60.tar.gz
src-46e043d174178ad7a370ad61acfc27aaf148ec60.zip
MFC r343043: scp: disallow empty or current directory
Obtained from: OpenBSD scp.c 1.198 Security: CVE-2018-20685 Sponsored by: The FreeBSD Foundation
Notes
Notes: svn path=/stable/11/; revision=343097
Diffstat (limited to 'crypto')
-rw-r--r--crypto/openssh/scp.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c
index b4db851980ba..145cdedb15a5 100644
--- a/crypto/openssh/scp.c
+++ b/crypto/openssh/scp.c
@@ -1047,7 +1047,8 @@ sink(int argc, char **argv)
size = size * 10 + (*cp++ - '0');
if (*cp++ != ' ')
SCREWUP("size not delimited");
- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+ if (*cp == '\0' || strchr(cp, '/') != NULL ||
+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
run_err("error: unexpected filename: %s", cp);
exit(1);
}