diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-09 12:28:03 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-09 12:28:03 +0100 |
| commit | 70cc092817a61af78c751b8f7a8ac5dcabfeae00 (patch) | |
| tree | 224c142521964990c93c54f3e073c43a6669fee0 /sftp.c | |
| parent | - dtucker@cvs.openbsd.org 2010/01/09 05:17:00 (diff) | |
| download | openssh-70cc092817a61af78c751b8f7a8ac5dcabfeae00.tar.xz openssh-70cc092817a61af78c751b8f7a8ac5dcabfeae00.zip | |
- dtucker@cvs.openbsd.org 2010/01/09 11:13:02
[sftp.c]
Prevent sftp from derefing a null pointer when given a "-" without a
command. Also, allow whitespace to follow a "-". bz#1691, path from
Colin Watson via Debian. ok djm@ deraadt@
Diffstat (limited to 'sftp.c')
| -rw-r--r-- | sftp.c | 11 |
1 files changed, 6 insertions, 5 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.117 2010/01/08 21:50:49 dtucker Exp $ */ +/* $OpenBSD: sftp.c,v 1.118 2010/01/09 11:13:02 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * @@ -1112,17 +1112,18 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag, /* Skip leading whitespace */ cp = cp + strspn(cp, WHITESPACE); - /* Ignore blank lines and lines which begin with comment '#' char */ - if (*cp == '\0' || *cp == '#') - return (0); - /* Check for leading '-' (disable error processing) */ *iflag = 0; if (*cp == '-') { *iflag = 1; cp++; + cp = cp + strspn(cp, WHITESPACE); } + /* Ignore blank lines and lines which begin with comment '#' char */ + if (*cp == '\0' || *cp == '#') + return (0); + if ((argv = makeargv(cp, &argc, 0, NULL, NULL)) == NULL) return -1; |