static void source(char *src);
static void rsource(char *src);
-static void sink(char *targ);
+static void sink(char *targ, char *src);
/* GUI Adaptation - Sept 2000 */
static void tell_char(FILE *stream, char c);
static void tell_str(FILE *stream, char *str);
va_list ap;
va_start(ap, fmt);
errs++;
- strcpy(str, "\01scp: ");
+ strcpy(str, "scp: ");
vsprintf(str+strlen(str), fmt, ap);
strcat(str, "\n");
back->send(str, strlen(str));
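Review bot: The message is still built with unbounded `strcpy`/`vsprintf`/`strcat` into `str`, so a long formatted argument can write past its end; the declaration of `str` is outside the hunk, so its size cannot be checked from here. If `str` is a fixed array, bound the formatting, e.g. `vsnprintf(str + strlen(str), sizeof str - strlen(str) - 1, fmt, ap);`, which leaves room for the trailing newline. This matters if any caller formats a remote-supplied file name into the message, which this hunk does not show. No `va_end(ap)` is visible either, though the function body continues past the hunk.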
/*
* Execute the sink part of the SCP protocol.
*/
-static void sink(char *targ)
+static void sink(char *targ, char *src)
{
char buf[2048];
char namebuf[2048];
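Review bot: The comment above `sink` does not describe the new `src` parameter, and its NULL case carries the security-relevant behaviour. I would extend the comment with something like `src is the remote path the user asked for; when non-NULL its last component replaces the file name sent by the server, and NULL means the server's name is used (stripped to its last component when targ is a directory)`. The body of `sink` continues outside this hunk.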
if (sscanf(buf+1, "%u %lu %[^\n]", &mode, &size, namebuf) != 3)
bump("Protocol error: Illegal file descriptor format");
+ /* Security fix: ensure the file ends up where we asked for it. */
+ if (src) {
+ char *p = src + strlen(src);
+ while (p > src && p[-1] != '/' && p[-1] != '\\')
+ p--;
+ strcpy(namebuf, p);
+ }
if (targisdir) {
char t[2048];
+ char *p;
strcpy(t, targ);
if (targ[0] != '\0')
strcat(t, "/");
- strcat(t, namebuf);
+ p = namebuf + strlen(namebuf);
+ while (p > namebuf && p[-1] != '/' && p[-1] != '\\')
+ p--;
+ strcat(t, p);
strcpy(namebuf, t);
} else {
strcpy(namebuf, targ);
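Review bot: The last-component stripping before `strcat(t, p)` still lets a name of `.` or `..` through, and on the recursive path (`sink(namebuf, NULL)` in a later hunk) there is no `src` to override what the server sent, so a directory record named `..` would presumably resolve above `targ`. A check after the loop such as `if (!strcmp(p, ".") || !strcmp(p, "..")) bump("Protocol error: Illegal file name");` would close that, assuming `bump` does not return; a Windows build may also want to treat `:` as a separator in both loops. Separately, `strcpy(namebuf, p)` copies the tail of the caller-supplied `src` into a 2048-byte buffer with no length check, and `strcpy(t, targ)` plus the `strcat` calls have the same problem for `t`. If `src` can contain a wildcard, every file received would also be renamed to that pattern, which is worth confirming against the callers.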
continue;
}
}
- sink(namebuf);
+ sink(namebuf, NULL);
/* can we set the timestamp for directories ? */
continue;
}
do_cmd(host, user, cmd);
sfree(cmd);
- sink(targ);
+ sink(targ, src);
}
/*