diff options
| author | Damien Miller <djm@mindrot.org> | 2006-01-31 22:06:14 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2006-01-31 22:06:14 +1100 |
| commit | 7410ad79f85a62361a6e40ac4ea11e6504408666 (patch) | |
| tree | e89ac045835872e0c574cf5e5ef22836ab8426ce | |
| parent | 0b996462f842e6b5a5d409ad4538e1779dd69bf6 (diff) | |
- djm@cvs.openbsd.org 2006/01/31 10:23:23
[scp.sh]
regression test for CVE-2006-0225 written by dtucker@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | regress/scp.sh | 9 |
2 files changed, 12 insertions, 2 deletions
@@ -63,6 +63,9 @@ - djm@cvs.openbsd.org 2006/01/27 06:49:21 [scp.sh] regress test for local to local scp copies; ok dtucker@ + - djm@cvs.openbsd.org 2006/01/31 10:23:23 + [scp.sh] + regression test for CVE-2006-0225 written by dtucker@ 20060129 - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the @@ -3788,4 +3791,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4109 2006/01/31 11:05:23 djm Exp $ +$Id: ChangeLog,v 1.4110 2006/01/31 11:06:14 djm Exp $ diff --git a/regress/scp.sh b/regress/scp.sh index 02f54101..bfda670b 100644 --- a/regress/scp.sh +++ b/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.5 2006/01/27 06:49:21 djm Exp $ +# $OpenBSD: scp.sh,v 1.6 2006/01/31 10:23:23 djm Exp $ # Placed in the Public Domain. tid="scp" @@ -82,6 +82,13 @@ cp ${DATA} ${DIR}/copy $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed" diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" +verbose "$tid: shell metacharacters" +scpclean +(cd ${DIR} && \ +touch '`touch metachartest`' && \ +$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \ +[ ! -f metachartest ] ) || fail "shell metacharacters" + if [ ! -z "$SUDO" ]; then verbose "$tid: skipped file after scp -p with failed chown+utimes" scpclean |