1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
$OpenBSD: patch-src_ftp_c,v 1.1 2002/12/10 18:37:24 brad Exp $
--- src/ftp.c.orig Tue Dec 10 13:08:00 2002
+++ src/ftp.c Tue Dec 10 13:16:22 2002
@@ -1637,6 +1637,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc
{
struct fileinfo *orig, *start;
uerr_t res;
+ struct fileinfo *f;
con->cmd |= LEAVE_PENDING;
@@ -1648,8 +1649,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc
opt.accepts and opt.rejects. */
if (opt.accepts || opt.rejects)
{
- struct fileinfo *f = orig;
-
+ f = orig;
while (f)
{
if (f->type != FT_DIRECTORY && !acceptable (f->name))
@@ -1661,6 +1661,18 @@ ftp_retrieve_glob (struct urlinfo *u, cc
f = f->next;
}
}
+ /* Remove all files with possible harmful names */
+ f = orig;
+ while (f)
+ {
+ if (has_invalid_name(f->name))
+ {
+ logprintf (LOG_VERBOSE, _("Rejecting `%s'.\n"), f->name);
+ f = delelement (f, &start);
+ }
+ else
+ f = f->next;
+ }
/* Now weed out the files that do not match our globbing pattern.
If we are dealing with a globbing pattern, that is. */
if (*u->file && (action == GLOBALL || action == GETONE))
|
