[openssh-commits] [openssh] 04/05: upstream: when scp(1) is using the SFTP protocol for transport (the
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Oct 25 08:56:59 AEDT 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit a4821a592456c3add3cd325db433110cdaaa3e5c
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Oct 24 21:51:55 2022 +0000
upstream: when scp(1) is using the SFTP protocol for transport (the
default), better match scp/rcp's handling of globs that don't match the
globbed characters but do match literally (e.g. trying to transfer
"foo.[1]").
Previously scp(1) in SFTP mode would not match these pathnames but
legacy scp/rcp mode would.
Reported by Michael Yagliyan in bz3488; ok dtucker@
OpenBSD-Commit-ID: d8a3773f53015ba811fddba7473769a2fd343e11
---
scp.c | 39 +++++++++++++++++++++++++++++++++++----
sftp-glob.c | 34 ++++++++++++++++++++++++++++++++--
2 files changed, 67 insertions(+), 6 deletions(-)
diff --git a/scp.c b/scp.c
index f9ca5d39..73bfe2f5 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.248 2022/05/13 06:31:50 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.249 2022/10/24 21:51:55 djm Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@@ -1505,7 +1505,8 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn)
}
debug3_f("copying remote %s to local %s", abs_src, dst);
- if ((r = remote_glob(conn, abs_src, GLOB_MARK, NULL, &g)) != 0) {
+ if ((r = remote_glob(conn, abs_src, GLOB_NOCHECK|GLOB_MARK,
+ NULL, &g)) != 0) {
if (r == GLOB_NOSPACE)
error("%s: too many glob matches", src);
else
@@ -1514,6 +1515,20 @@ sink_sftp(int argc, char *dst, const char *src, struct sftp_conn *conn)
goto out;
}
+ /* Did we actually get any matches back from the glob? */
+ if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != 0) {
+ /*
+ * If nothing matched but a path returned, then it's probably
+ * a GLOB_NOCHECK result. Check whether the unglobbed path
+ * exists so we can give a nice error message early.
+ */
+ if (do_stat(conn, g.gl_pathv[0], 1) == NULL) {
+ error("%s: %s", src, strerror(ENOENT));
+ err = -1;
+ goto out;
+ }
+ }
+
if ((r = stat(dst, &st)) != 0)
debug2_f("stat local \"%s\": %s", dst, strerror(errno));
dst_is_dir = r == 0 && S_ISDIR(st.st_mode);
@@ -1731,7 +1746,8 @@ sink(int argc, char **argv, const char *src)
}
if (npatterns > 0) {
for (n = 0; n < npatterns; n++) {
- if (fnmatch(patterns[n], cp, 0) == 0)
+ if (strcmp(patterns[n], cp) == 0 ||
+ fnmatch(patterns[n], cp, 0) == 0)
break;
}
if (n >= npatterns)
@@ -1922,7 +1938,8 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to,
}
debug3_f("copying remote %s to remote %s", abs_src, target);
- if ((r = remote_glob(from, abs_src, GLOB_MARK, NULL, &g)) != 0) {
+ if ((r = remote_glob(from, abs_src, GLOB_NOCHECK|GLOB_MARK,
+ NULL, &g)) != 0) {
if (r == GLOB_NOSPACE)
error("%s: too many glob matches", src);
else
@@ -1931,6 +1948,20 @@ throughlocal_sftp(struct sftp_conn *from, struct sftp_conn *to,
goto out;
}
+ /* Did we actually get any matches back from the glob? */
+ if (g.gl_matchc == 0 && g.gl_pathc == 1 && g.gl_pathv[0] != 0) {
+ /*
+ * If nothing matched but a path returned, then it's probably
+ * a GLOB_NOCHECK result. Check whether the unglobbed path
+ * exists so we can give a nice error message early.
+ */
+ if (do_stat(from, g.gl_pathv[0], 1) == NULL) {
+ error("%s: %s", src, strerror(ENOENT));
+ err = -1;
+ goto out;
+ }
+ }
+
for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
tmp = xstrdup(g.gl_pathv[i]);
if ((filename = basename(tmp)) == NULL) {
diff --git a/sftp-glob.c b/sftp-glob.c
index 764e9955..afeb15f9 100644
--- a/sftp-glob.c
+++ b/sftp-glob.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-glob.c,v 1.30 2022/02/25 09:46:24 dtucker Exp $ */
+/* $OpenBSD: sftp-glob.c,v 1.31 2022/10/24 21:51:55 djm Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm at openbsd.org>
*
@@ -137,6 +137,11 @@ int
remote_glob(struct sftp_conn *conn, const char *pattern, int flags,
int (*errfunc)(const char *, int), glob_t *pglob)
{
+ int r;
+ size_t l;
+ char *s;
+ struct stat sb;
+
pglob->gl_opendir = fudge_opendir;
pglob->gl_readdir = (struct dirent *(*)(void *))fudge_readdir;
pglob->gl_closedir = (void (*)(void *))fudge_closedir;
@@ -146,5 +151,30 @@ remote_glob(struct sftp_conn *conn, const char *pattern, int flags,
memset(&cur, 0, sizeof(cur));
cur.conn = conn;
- return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob));
+ if ((r = glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob)) != 0)
+ return r;
+ /*
+ * When both GLOB_NOCHECK and GLOB_MARK are active, a single gl_pathv
+ * entry has been returned and that entry has not already been marked,
+ * then check whether it needs a '/' appended as a directory mark.
+ *
+ * This ensures that a NOCHECK result is annotated as a directory.
+ * The glob(3) spec doesn't promise to mark NOCHECK entries, but doing
+ * it simplifies our callers (sftp/scp) considerably.
+ *
+ * XXX doesn't try to handle gl_offs.
+ */
+ if ((flags & (GLOB_NOCHECK|GLOB_MARK)) == (GLOB_NOCHECK|GLOB_MARK) &&
+ pglob->gl_matchc == 0 && pglob->gl_offs == 0 &&
+ pglob->gl_pathc == 1 && (s = pglob->gl_pathv[0]) != NULL &&
+ (l = strlen(s)) > 0 && s[l-1] != '/') {
+ if (fudge_stat(s, &sb) == 0 && S_ISDIR(sb.st_mode)) {
+ /* NOCHECK on a directory; annotate */
+ if ((s = realloc(s, l + 2)) != NULL) {
+ memcpy(s + l, "/", 2);
+ pglob->gl_pathv[0] = s;
+ }
+ }
+ }
+ return 0;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list