scp: disallow empty or current directory

Obtained from: OpenBSD scp.c 1.198 Security: CVE-2018-20685 Sponsored by: The FreeBSD Foundation
author: Ed Maste <emaste@FreeBSD.org> 2019-01-15 15:35:14 +0000
committer: Ed Maste <emaste@FreeBSD.org> 2019-01-15 15:35:14 +0000
commit: d366f891b12ce2802752fe6cde1e39e5003eb656 (patch)
tree: 2bf57b02d3270a90f4f9f5325c8526a21c0210c1 /crypto
parent: cd0c606fda6c826782634a6ca7c7f10bb0750ea1 (diff)
download: src-test2-d366f891b12ce2802752fe6cde1e39e5003eb656.tar.gz
src-test2-d366f891b12ce2802752fe6cde1e39e5003eb656.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c
index 60682c68769b..817880206684 100644
--- a/crypto/openssh/scp.c
+++ b/crypto/openssh/scp.c
@@ -1106,7 +1106,8 @@ sink(int argc, char **argv)
 			SCREWUP("size out of range");
 		size = (off_t)ull;
 
-		if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+		if (*cp == '\0' || strchr(cp, '/') != NULL ||
+		    strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
 			run_err("error: unexpected filename: %s", cp);
 			exit(1);
 		}
author	Ed Maste <emaste@FreeBSD.org>	2019-01-15 15:35:14 +0000
committer	Ed Maste <emaste@FreeBSD.org>	2019-01-15 15:35:14 +0000
commit	d366f891b12ce2802752fe6cde1e39e5003eb656 (patch)
tree	2bf57b02d3270a90f4f9f5325c8526a21c0210c1 /crypto
parent	cd0c606fda6c826782634a6ca7c7f10bb0750ea1 (diff)
download	src-test2-d366f891b12ce2802752fe6cde1e39e5003eb656.tar.gz src-test2-d366f891b12ce2802752fe6cde1e39e5003eb656.zip