- djm@cvs.openbsd.org 2006/01/31 10:23:23
[scp.sh]
regression test for CVE-2006-0225 written by dtucker@
diff --git a/regress/scp.sh b/regress/scp.sh
index 02f5410..bfda670 100644
--- a/regress/scp.sh
+++ b/regress/scp.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: scp.sh,v 1.5 2006/01/27 06:49:21 djm Exp $
+# $OpenBSD: scp.sh,v 1.6 2006/01/31 10:23:23 djm Exp $
# Placed in the Public Domain.
tid="scp"
@@ -82,6 +82,13 @@
$SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
+verbose "$tid: shell metacharacters"
+scpclean
+(cd ${DIR} && \
+touch '`touch metachartest`' && \
+$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
+[ ! -f metachartest ] ) || fail "shell metacharacters"
+
if [ ! -z "$SUDO" ]; then
verbose "$tid: skipped file after scp -p with failed chown+utimes"
scpclean