From owner-freebsd-bugs@FreeBSD.ORG Sun Apr 18 05:20:07 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BCD6A16A4CE for ; Sun, 18 Apr 2004 05:20:07 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F3DE43D48 for ; Sun, 18 Apr 2004 05:20:07 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i3ICK7bv038024 for ; Sun, 18 Apr 2004 05:20:07 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i3ICK7fI038023; Sun, 18 Apr 2004 05:20:07 -0700 (PDT) (envelope-from gnats) Resent-Date: Sun, 18 Apr 2004 05:20:07 -0700 (PDT) Resent-Message-Id: <200404181220.i3ICK7fI038023@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, hburch+@cs.cmu.edu Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28A5416A4CE for ; Sun, 18 Apr 2004 05:18:02 -0700 (PDT) Received: from gs10.sp.cs.cmu.edu (GS10.SP.CS.CMU.EDU [128.2.198.127]) by mx1.FreeBSD.org (Postfix) with SMTP id C496D43D54 for ; Sun, 18 Apr 2004 05:18:01 -0700 (PDT) (envelope-from Hal_Burch@gs10.sp.cs.cmu.edu) Received: from gs10.sp.cs.cmu.edu ([127.0.0.1]) by gs10.sp.cs.cmu.edu id aa30281; 18 Apr 2004 8:17 EDT Message-Id: <20040418121801.C496D43D54@mx1.FreeBSD.org> Date: Sun, 18 Apr 2004 08:17:24 -0400 From: Hal Burch To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/65707: scp does not deal with local file copies with spaces X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: hburch+@cs.cmu.edu List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Apr 2004 12:20:07 -0000 >Number: 65707 >Category: bin >Synopsis: scp does not deal with local file copies with spaces >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Apr 18 05:20:07 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Hal Burch >Release: FreeBSD 4.9-RC i386 >Organization: >Environment: System: FreeBSD hburch-lap.hburch.com 4.9-RC FreeBSD 4.9-RC #24: Fri Dec 26 11:16:36 EST 2003 hburch@hburch-lap.hburch.com:/usr/src/sys/compile/LOCAL i386 $ ssh -V OpenSSH_3.5p1 FreeBSD-20030201, SSH protocols 1.5/2.0, OpenSSL 0x0090701f >Description: If you scp a list of local files to a local directory, scp execs cp to do its work. If a filename has spaces in it, this process converts them to separate filenames. I was concerned about this being a possible security problem if you had filenames with backspace characters or newlines. After looking at the code and testing some examples, this does not appear to be a problem. However, this could cause unintended consequences (copy a different file than expected). >How-To-Repeat: hburch-lap:~ $ mkdir tdir hburch-lap:~ $ cd tdir hburch-lap:~/tdir $ touch "a b" hburch-lap:~/tdir $ scp * /tmp cp: b: No such file or directory cp: a: No such file or directory Not certain what is going on here, though: hburch-lap:~/tdir $ touch 'c > d' hburch-lap:~/tdir $ scp * /tmp cp: b: No such file or directory cp: a: No such file or directory usage: cp [-R [-H | -L | -P]] [-f | -i | -n] [-pv] src target cp [-R [-H | -L | -P]] [-f | -i | -n] [-pv] src1 ... srcN directory >Fix: tolocal() execs cp for each argument by itself. This may be as simple as adding double quotes around the argv[i] %s, but I did not test that. >Release-Note: >Audit-Trail: >Unformatted: