Make sure you do not get unexpected surprises whena remote file starts with '|'.

Reviewed by:	Joerg Wunsch

1 files changed, 13 insertions, 2 deletions

diff --git a/usr.bin/ftp/cmds.c b/usr.bin/ftp/cmds.c
index 2232553..ac77f4b 100644
--- a/usr.bin/ftp/cmds.c
+++ b/usr.bin/ftp/cmds.c
@@ -1,4 +1,4 @@
-/*	$Id: cmds.c,v 1.8 1997/06/27 09:30:01 ache Exp $ */
+/*	$Id: cmds.c,v 1.9 1997/06/27 10:21:22 ache Exp $ */
 /*	$NetBSD: cmds.c,v 1.24 1997/05/17 19:44:36 pk Exp $	*/
 
 /*
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "@(#)cmds.c	8.6 (Berkeley) 10/9/94";
 #else
-static char rcsid[] = "$Id: cmds.c,v 1.8 1997/06/27 09:30:01 ache Exp $";
+static char rcsid[] = "$Id: cmds.c,v 1.9 1997/06/27 10:21:22 ache Exp $";
 #endif
 #endif /* not lint */
 
@@ -457,6 +457,10 @@ getit(argc, argv, restartit, mode)
 	if (argc == 2) {
 		argc++;
 		argv[2] = argv[1];
+		if (*argv[1] == '|' && !another(&argc, &argv, "(Warning: remote file starts with '|') local-file")) {
+			code = -1;
+			return (0);
+		}
 		loc++;
 	}
 	if (argc < 2 && !another(&argc, &argv, "remote-file"))
@@ -578,6 +582,13 @@ mget(argc, argv)
 			mflag = 0;
 			continue;
 		}
+		if (!interactive && *cp == '|') {
+			printf("skipping %s for security reasons\n", cp);
+			sleep(2);
+			continue;
+		} else if (*cp == '|') {
+			printf("Note: next file starts with '|', which runs it through a pipe\n");
+		}
 		if (mflag && confirm(argv[0], cp)) {
 			tp = cp;
 			if (mcase) {