[openssh-commits] [openssh] 04/05: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Apr 28 13:26:44 AEST 2017 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 066437187e16dcafcbc19f9402ef0e6575899b1d
Author: millert at openbsd.org <millert at openbsd.org>
Date:   Fri Apr 28 03:21:12 2017 +0000

    upstream commit
    
    Avoid relying on implementation-specific behavior when
    detecting whether the timestamp or file size overflowed.  If time_t and off_t
    are not either 32-bit or 64-bit scp will exit with an error. OK djm@
    
    Upstream-ID: f31caae73ddab6df496b7bbbf7da431e267ad135
---
 scp.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/scp.c b/scp.c
index 45541af0..3de743e3 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.188 2017/04/27 11:53:12 millert Exp $ */
+/* $OpenBSD: scp.c,v 1.189 2017/04/28 03:21:12 millert Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -99,6 +99,7 @@
 #include <pwd.h>
 #include <signal.h>
 #include <stdarg.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -915,6 +916,11 @@ rsource(char *name, struct stat *statp)
 	(void) response();
 }
 
+#define TYPE_OVERFLOW(type, val) \
+	((sizeof(type) == 4 && (val) > INT32_MAX) || \
+	 (sizeof(type) == 8 && (val) > INT64_MAX) || \
+	 (sizeof(type) != 4 && sizeof(type) != 8))
+
 void
 sink(int argc, char **argv)
 {
@@ -938,6 +944,9 @@ sink(int argc, char **argv)
 #define	mtime	tv[1]
 #define	SCREWUP(str)	{ why = str; goto screwup; }
 
+	if (TYPE_OVERFLOW(time_t, 0) || TYPE_OVERFLOW(off_t, 0))
+		SCREWUP("Unexpected off_t/time_t size");
+
 	setimes = targisdir = 0;
 	mask = umask(0);
 	if (!pflag)
@@ -996,8 +1005,7 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("mtime.sec not delimited");
-			if ((time_t)ull < 0 ||
-			    (unsigned long long)(time_t)ull != ull)
+			if (TYPE_OVERFLOW(time_t, ull))
 				setimes = 0;	/* out of range */
 			mtime.tv_sec = ull;
 			mtime.tv_usec = strtol(cp, &cp, 10);
@@ -1009,8 +1017,7 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("atime.sec not delimited");
-			if ((time_t)ull < 0 ||
-			    (unsigned long long)(time_t)ull != ull)
+			if (TYPE_OVERFLOW(time_t, ull))
 				setimes = 0;	/* out of range */
 			atime.tv_sec = ull;
 			atime.tv_usec = strtol(cp, &cp, 10);
@@ -1048,7 +1055,7 @@ sink(int argc, char **argv)
 		ull = strtoull(cp, &cp, 10);
 		if (!cp || *cp++ != ' ')
 			SCREWUP("size not delimited");
-		if ((off_t)ull < 0 || (unsigned long long)(off_t)ull != ull)
+		if (TYPE_OVERFLOW(off_t, ull))
 			SCREWUP("size out of range");
 		size = (off_t)ull;
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list