if (len > 0) {
if (pendsize < pendlen + len) {
pendsize = pendlen + len + 4096;
- pending = (pending ? realloc(pending, pendsize) :
- malloc(pendsize));
+ pending = (pending ? srealloc(pending, pendsize) :
+ smalloc(pendsize));
if (!pending)
fatalbox("Out of memory");
}
pendlen -= pendused;
if (pendlen == 0) {
pendsize = 0;
- free(pending);
+ sfree(pending);
pending = NULL;
}
if (outlen == 0)
strcat(str, "\n");
tell_str(stderr, str);
- if (back->socket() != NULL) {
+ if (back != NULL && back->socket() != NULL) {
char ch;
back->special(TS_EOF);
ssh_scp_recv(&ch, 1);
do {
char *last;
char namebuf[2048];
+ /*
+ * Ensure that . and .. are never matched by wildcards,
+ * but only by deliberate action.
+ */
+ if (!strcmp(fdat.cFileName, ".") ||
+ !strcmp(fdat.cFileName, "..")) {
+ /*
+ * Find*File has returned a special dir. We require
+ * that _either_ `src' ends in a backslash followed
+ * by that string, _or_ `src' is precisely that
+ * string.
+ */
+ int len = strlen(src), dlen = strlen(fdat.cFileName);
+ if (len == dlen && !strcmp(src, fdat.cFileName)) {
+ /* ok */;
+ } else if (len > dlen+1 && src[len-dlen-1] == '\\' &&
+ !strcmp(src+len-dlen, fdat.cFileName)) {
+ /* ok */;
+ } else
+ continue; /* ignore this one */
+ }
if (strlen(src) + strlen(fdat.cFileName) >=
sizeof(namebuf)) {
tell_user(stderr, "%s: Name too long", src);
}
argc -= i;
argv += i;
+ back = NULL;
if (list) {
if (argc != 1)
tolocal(argc, argv);
}
- if (back->socket() != NULL) {
+ if (back != NULL && back->socket() != NULL) {
char ch;
back->special(TS_EOF);
ssh_scp_recv(&ch, 1);