scp doesn't work with large (>2GB) files
Jani Jaakkola
jjaakkol at cs.Helsinki.FI
Thu Sep 13 02:56:48 EST 2001
On Wed, 12 Sep 2001, Theo de Raadt wrote:
> This is ridiculous.
>
> It means that any existing program that is not aware of this flag
> will have two divergent behaviours.
>
> That is the kind of bug that results in security holes. I have tons
> of experience with this, and this is INCREDIBLY dangerous.
Yes, in Linux existing programs that do not use -D_FILE_OFFSET_BITS=64
cannot open or write files larger than 2G (they fail with EFBIG).
Personally I don't think that this poses a great security risk, since
failing to open a file can happen for a myriad of other reasons too.
However, if an existing 32-bit off_t program could open a file larger than
2G, it would be suspect to at least signedness errors when off_t overflows.
And that is one of the reasons for which O_LARGEFILE should not be used
directly.
So, O_LARGEFILE should not be used by openssh.
- Jani
More information about the openssh-unix-dev
mailing list