Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 95148e3de293052afa4cc7708bc1547c697903cc^! / .
commit95148e3de293052afa4cc7708bc1547c697903cc[log] [tgz]
authorBen Lindstrom <mouring@eviladmin.org>Mon Aug 06 21:30:53 2001 +0000
committerBen Lindstrom <mouring@eviladmin.org>Mon Aug 06 21:30:53 2001 +0000
treee57e64ddd5813b7e5ec6979b5aec0529eab77274
parentae996bf7d1967c83a0e0d71e9e89fa9a27d839f9 [diff]
   - jakob@cvs.openbsd.org 2001/07/31 12:42:50
     [sftp-int.c sftp-server.c]
     avoid paths beginning with "//"; <vinschen@redhat.com>
     ok markus@

diff --git a/ChangeLog b/ChangeLog
index c44eb95..0a66f6c 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -80,6 +80,10 @@
      add 'SmartcardDevice' client option to specify which smartcard device 
      is used to access a smartcard used for storing the user's private RSA 
      key. ok markus@.
+   - jakob@cvs.openbsd.org 2001/07/31 12:42:50
+     [sftp-int.c sftp-server.c]
+     avoid paths beginning with "//"; <vinschen@redhat.com>
+     ok markus@
 
 20010803
  - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
@@ -6190,4 +6194,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1446 2001/08/06 21:27:53 mouring Exp $
+$Id: ChangeLog,v 1.1447 2001/08/06 21:30:53 mouring Exp $

diff --git a/sftp-int.c b/sftp-int.c
index 573fea1..0851e63 100644
--- a/sftp-int.c
+++ b/sftp-int.c

@@ -26,7 +26,7 @@
 /* XXX: recursive operations */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.38 2001/07/09 07:04:53 deraadt Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.39 2001/07/31 12:42:50 jakob Exp $");
 
 #include "buffer.h"
 #include "xmalloc.h"
@@ -204,7 +204,8 @@
 
 	ret = xmalloc(len);
 	strlcpy(ret, p1, len);
-	strlcat(ret, "/", len);
+	if (strcmp(p1, "/") != 0) 
+		strlcat(ret, "/", len);
 	strlcat(ret, p2, len);
 
 	return(ret);

diff --git a/sftp-server.c b/sftp-server.c
index 5f1b37b..2ef9753 100644
--- a/sftp-server.c
+++ b/sftp-server.c

@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.29 2001/06/25 08:25:40 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.30 2001/07/31 12:42:50 jakob Exp $");
 
 #include "buffer.h"
 #include "bufaux.h"
@@ -756,8 +756,8 @@
 				stats = xrealloc(stats, nstats * sizeof(Stat));
 			}
 /* XXX OVERFLOW ? */
-			snprintf(pathname, sizeof pathname,
-			    "%s/%s", path, dp->d_name);
+			snprintf(pathname, sizeof pathname, "%s%s%s", path,
+			    strcmp(path, "/") ? "/" : "", dp->d_name);
 			if (lstat(pathname, &st) < 0)
 				continue;
 			stat_to_attrib(&st, &(stats[count].attrib));