tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: Plug more mem leaks in sftp by making 

make_absolute_pwd_glob work in the same way as make_absolute: you
pass it a dynamically allocated string and it either returns it, or
frees it and allocates a new one. Patch from emaste at freebsd.org and
https://reviews.freebsd.org/D37253 ok djm@

OpenBSD-Commit-ID: 85f7404e9d47fd28b222fbc412678f3361d2dffc
This commit is contained in:
dtucker@openbsd.org 2023-03-28 07:44:32 +00:00 committed by Darren Tucker
parent 82b2b83269
commit 9ffa76e128
No known key found for this signature in database
2 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sftp-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sftp-client.c,v 1.169 2023/03/08 04:43:12 guenther Exp $ */ /* $OpenBSD: sftp-client.c,v 1.170 2023/03/28 07:44:32 dtucker Exp $ */
/* /*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
* *
@ -2895,6 +2895,10 @@ path_append(const char *p1, const char *p2)
return(ret); return(ret);
} }
/*
* Arg p must be dynamically allocated. It will either be returned or
* freed and a replacement allocated. Caller must free returned string.
*/
char * char *
make_absolute(char *p, const char *pwd) make_absolute(char *p, const char *pwd)
{ {

16
sftp.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sftp.c,v 1.229 2023/03/12 09:41:18 dtucker Exp $ */ /* $OpenBSD: sftp.c,v 1.230 2023/03/28 07:44:32 dtucker Exp $ */
/* /*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
* *
@ -616,15 +616,19 @@ escape_glob(const char *s)
return ret; return ret;
} }
/*
* Arg p must be dynamically allocated. make_absolute will either return it
* or free it and and allocate a new one. Caller must free returned string.
*/
static char * static char *
make_absolute_pwd_glob(const char *p, const char *pwd) make_absolute_pwd_glob(char *p, const char *pwd)
{ {
char *ret, *escpwd; char *ret, *escpwd;
escpwd = escape_glob(pwd); escpwd = escape_glob(pwd);
if (p == NULL) if (p == NULL)
return escpwd; return escpwd;
ret = make_absolute(xstrdup(p), escpwd); ret = make_absolute(p, escpwd);
free(escpwd); free(escpwd);
return ret; return ret;
} }
@ -637,7 +641,7 @@ process_get(struct sftp_conn *conn, const char *src, const char *dst,
glob_t g; glob_t g;
int i, r, err = 0; int i, r, err = 0;
abs_src = make_absolute_pwd_glob(src, pwd); abs_src = make_absolute_pwd_glob(xstrdup(src), pwd);
memset(&g, 0, sizeof(g)); memset(&g, 0, sizeof(g));
debug3("Looking up %s", abs_src); debug3("Looking up %s", abs_src);
@ -1997,9 +2001,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
memset(&g, 0, sizeof(g)); memset(&g, 0, sizeof(g));
if (remote != LOCAL) { if (remote != LOCAL) {
tmp2 = make_absolute_pwd_glob(tmp, remote_path); tmp = make_absolute_pwd_glob(tmp, remote_path);
free(tmp);
tmp = tmp2;
remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g); remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g);
} else } else
glob(tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g); glob(tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g);