Home Explore Help
Sign In
jahway603
/
libreCMC
forked from libreCMC/libreCMC
1
0
Fork 0
Files
Tree: 5739ca0500
Branches Tags
libreCMC
/
package
/
network
/
services
/
dropbear
/
patches
/
001-fix-CVE-2020-36254.patch

001-fix-CVE-2020-36254.patch 700 B
History Raw

123456789101112131415161718192021 
  1. From 8f8a3dff705fad774a10864a2e3dbcfa9779ceff Mon Sep 17 00:00:00 2001
    2. 

  2. From: Haelwenn Monnier <contact+github.com@hacktivis.me>
    3. 

  3. Date: Mon, 25 May 2020 14:54:29 +0200
    4. 

  4. Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80)
    5. 

  5. 

  6. ---
    7. 

  7.  scp.c | 3 ++-
    8. 

  8.  1 file changed, 2 insertions(+), 1 deletion(-)
    9. 

  9. 

  10. --- a/scp.c
    11. 

  11. +++ b/scp.c
    12. 

  12. @@ -935,7 +935,8 @@ sink(int argc, char **argv)
    13. 

  13.  			size = size * 10 + (*cp++ - '0');
    14. 

  14.  		if (*cp++ != ' ')
    15. 

  15.  			SCREWUP("size not delimited");
    16. 

  16. -		if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
    17. 

  17. +		if (*cp == '\0' || strchr(cp, '/') != NULL ||
    18. 

  18. +		    strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
    19. 

  19.  			run_err("error: unexpected filename: %s", cp);
    20. 

  20.  			exit(1);
    21. 

  21.  		}
    22.