on Cygwin, check paths from server for backslashes
Pointed out by Jann Horn of Google Project Zero
diff --git a/sftp-client.c b/sftp-client.c
index d47be0e..a6e8322 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -67,6 +67,13 @@
/* Maximum depth to descend in directory trees */
#define MAX_DIR_DEPTH 64
+/* Directory separator characters */
+#ifdef HAVE_CYGWIN
+# define SFTP_DIRECTORY_CHARS "/\\"
+#else /* HAVE_CYGWIN */
+# define SFTP_DIRECTORY_CHARS "/"
+#endif /* HAVE_CYGWIN */
+
struct sftp_conn {
int fd_in;
int fd_out;
@@ -619,7 +626,7 @@
* These can be used to attack recursive ops
* (e.g. send '../../../../etc/passwd')
*/
- if (strchr(filename, '/') != NULL) {
+ if (strpbrk(filename, SFTP_DIRECTORY_CHARS) != NULL) {
error("Server sent suspect path \"%s\" "
"during readdir of \"%s\"", filename, path);
} else if (dir) {