Bugzilla – Attachment 302 Details for
Bug 517
bad "put" arg parsing
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Concise & correct patch
sftp-quotefix.diff (text/plain), 1.97 KB, created by
Damien Miller
on 2003-05-16 01:01:27 AEST
(
hide
)
Description:
Concise & correct patch
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2003-05-16 01:01:27 AEST
Size:
1.97 KB
patch
obsolete
>I just realised that we have never handled backslash escapes in the >sftp arg parser. This fixes the aforementioned quoting problems and >adds unescaping for quotes only. > >Please read carefully, lots of string-fucking. > >Index: sftp-int.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/sftp-int.c,v >retrieving revision 1.60 >diff -u -r1.60 sftp-int.c >--- sftp-int.c 15 May 2003 03:43:59 -0000 1.60 >+++ sftp-int.c 15 May 2003 14:34:27 -0000 >@@ -334,7 +334,7 @@ > { > const char *cp = *cpp, *end; > char quot; >- int i; >+ int i, j; > > cp += strspn(cp, WHITESPACE); > if (!*cp) { >@@ -343,37 +343,53 @@ > return (0); > } > >+ *path = xmalloc(strlen(cp) + 1); >+ > /* Check for quoted filenames */ > if (*cp == '\"' || *cp == '\'') { > quot = *cp++; > >- end = strchr(cp, quot); >- if (end == NULL) { >- error("Unterminated quote"); >- goto fail; >+ /* Search for terminating quote, unescape some chars */ >+ for (i = j = 0; i <= strlen(cp); i++) { >+ if (cp[i] == quot) { /* Found quote */ >+ (*path)[j] = '\0'; >+ break; >+ } >+ if (cp[i] == '\0') { /* End of string */ >+ error("Unterminated quote"); >+ goto fail; >+ } >+ if (cp[i] == '\\') { /* Escaped characters */ >+ i++; >+ if (cp[i] != '\'' && cp[i] != '\"') { >+ error("Bad escaped character '%c'", >+ cp[i]); >+ goto fail; >+ } >+ } >+ (*path)[j++] = cp[i]; > } >- if (cp == end) { >+ >+ if (j == 0) { > error("Empty quotes"); > goto fail; > } >- *cpp = end + 1 + strspn(end + 1, WHITESPACE); >+ *cpp = cp + i + strspn(cp + i, WHITESPACE); > } else { > /* Read to end of filename */ > end = strpbrk(cp, WHITESPACE); > if (end == NULL) > end = strchr(cp, '\0'); > *cpp = end + strspn(end, WHITESPACE); >- } >- >- i = end - cp; > >- *path = xmalloc(i + 1); >- memcpy(*path, cp, i); >- (*path)[i] = '\0'; >- return(0); >+ memcpy(*path, cp, end - cp); >+ (*path)[end - cp] = '\0'; >+ } >+ return (0); > > fail: >- *path = NULL; >+ xfree(*path); >+ *path = NULL; > return (-1); > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=302">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 517
:
257
|
258
|
259
|
260
|
261
|
264
|
265
|
299
| 302