summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2001-08-06 21:30:53 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-08-06 21:30:53 +0000
commit95148e3de293052afa4cc7708bc1547c697903cc (patch)
treee57e64ddd5813b7e5ec6979b5aec0529eab77274
parentae996bf7d1967c83a0e0d71e9e89fa9a27d839f9 (diff)
- jakob@cvs.openbsd.org 2001/07/31 12:42:50
[sftp-int.c sftp-server.c] avoid paths beginning with "//"; <vinschen@redhat.com> ok markus@
-rw-r--r--ChangeLog6
-rw-r--r--sftp-int.c5
-rw-r--r--sftp-server.c6
3 files changed, 11 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index c44eb959..0a66f6c9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -80,6 +80,10 @@
add 'SmartcardDevice' client option to specify which smartcard device
is used to access a smartcard used for storing the user's private RSA
key. ok markus@.
+ - jakob@cvs.openbsd.org 2001/07/31 12:42:50
+ [sftp-int.c sftp-server.c]
+ avoid paths beginning with "//"; <vinschen@redhat.com>
+ ok markus@
20010803
- (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
@@ -6190,4 +6194,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1446 2001/08/06 21:27:53 mouring Exp $
+$Id: ChangeLog,v 1.1447 2001/08/06 21:30:53 mouring Exp $
diff --git a/sftp-int.c b/sftp-int.c
index 573fea1d..0851e63a 100644
--- a/sftp-int.c
+++ b/sftp-int.c
@@ -26,7 +26,7 @@
/* XXX: recursive operations */
#include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.38 2001/07/09 07:04:53 deraadt Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.39 2001/07/31 12:42:50 jakob Exp $");
#include "buffer.h"
#include "xmalloc.h"
@@ -204,7 +204,8 @@ path_append(char *p1, char *p2)
ret = xmalloc(len);
strlcpy(ret, p1, len);
- strlcat(ret, "/", len);
+ if (strcmp(p1, "/") != 0)
+ strlcat(ret, "/", len);
strlcat(ret, p2, len);
return(ret);
diff --git a/sftp-server.c b/sftp-server.c
index 5f1b37b0..2ef9753b 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.29 2001/06/25 08:25:40 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.30 2001/07/31 12:42:50 jakob Exp $");
#include "buffer.h"
#include "bufaux.h"
@@ -756,8 +756,8 @@ process_readdir(void)
stats = xrealloc(stats, nstats * sizeof(Stat));
}
/* XXX OVERFLOW ? */
- snprintf(pathname, sizeof pathname,
- "%s/%s", path, dp->d_name);
+ snprintf(pathname, sizeof pathname, "%s%s%s", path,
+ strcmp(path, "/") ? "/" : "", dp->d_name);
if (lstat(pathname, &st) < 0)
continue;
stat_to_attrib(&st, &(stats[count].attrib));