- djm@cvs.openbsd.org 2003/01/14 10:58:00

[sftp-client.c sftp-int.c]
     Don't try to upload or download non-regular files. Report from
     apoloval@pantuflo.escet.urjc.es; ok markus@

ChangeLog

@@ -14,6 +14,10 @@
      [sftp-int.c]
      make cmds[] array static to avoid conflict with BSDI libc.
      mindrot bug #466. Fix from mdev@idg.nl; ok markus@
+   - djm@cvs.openbsd.org 2003/01/14 10:58:00
+     [sftp-client.c sftp-int.c]
+     Don't try to upload or download non-regular files. Report from
+     apoloval@pantuflo.escet.urjc.es; ok markus@
 
 20030113
  - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type
@@ -1017,4 +1021,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2571 2003/01/14 11:24:19 djm Exp $
+$Id: ChangeLog,v 1.2572 2003/01/14 11:24:47 djm Exp $

sftp-client.c

@@ -28,7 +28,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.40 2003/01/10 08:48:15 djm Exp $");
+RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $");
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -767,8 +767,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
 		mode = 0666;
 
 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
-	    (a->perm & S_IFDIR)) {
+	    (!S_ISREG(a->perm))) {
-		error("Cannot download a directory: %s", remote_path);
+		error("Cannot download non-regular file: %s", remote_path);
 		return(-1);
 	}
 
@@ -1002,6 +1002,11 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 		close(local_fd);
 		return(-1);
 	}
+	if (!S_ISREG(sb.st_mode)) {
+		error("%s is not a regular file", local_path);
+		close(local_fd);
+		return(-1);
+	}
 	stat_to_attrib(&sb, &a);
 
 	a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;

sftp-int.c

@@ -25,7 +25,7 @@
 /* XXX: recursive operations */
 
 #include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.54 2003/01/13 11:04:04 djm Exp $");
+RCSID("$OpenBSD: sftp-int.c,v 1.55 2003/01/14 10:58:00 djm Exp $");
 
 #include "buffer.h"
 #include "xmalloc.h"
@@ -380,6 +380,17 @@ is_dir(char *path)
 	return(sb.st_mode & S_IFDIR);
 }
 
+static int
+is_reg(char *path)
+{
+	struct stat sb;
+
+	if (stat(path, &sb) == -1)
+		fatal("stat %s: %s", path, strerror(errno));
+
+	return(S_ISREG(sb.st_mode));
+}
+
 static int
 remote_is_dir(struct sftp_conn *conn, char *path)
 {
@@ -494,6 +505,12 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
 
 	/* Only one match, dst may be file, directory or unspecified */
 	if (g.gl_pathv[0] && g.gl_matchc == 1) {
+		if (!is_reg(g.gl_pathv[i])) {
+			error("Can't upload %s: not a regular file",
+			    g.gl_pathv[0]);
+			err = 1;
+			goto out;
+		}
 		if (tmp_dst) {
 			/* If directory specified, append filename */
 			if (remote_is_dir(conn, tmp_dst)) {
@@ -525,6 +542,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
 	}
 
 	for (i = 0; g.gl_pathv[i]; i++) {
+		if (!is_reg(g.gl_pathv[i])) {
+			error("skipping non-regular file %s", 
+			    g.gl_pathv[i]);
+			continue;
+		}
 		if (infer_path(g.gl_pathv[i], &tmp)) {
 			err = -1;
 			goto out;