diff options
author | guido <guido@FreeBSD.org> | 1997-11-17 19:29:16 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1997-11-17 19:29:16 +0000 |
commit | d692b6bcbf874acd8affe479218c0899ede298db (patch) | |
tree | c74253c9ab94565cf06acd3dbecdd3b9d80c93fd /usr.bin | |
parent | a37ef2f5b28f007910f36989aecb050985ab27a1 (diff) | |
download | FreeBSD-src-d692b6bcbf874acd8affe479218c0899ede298db.zip FreeBSD-src-d692b6bcbf874acd8affe479218c0899ede298db.tar.gz |
Make sure you do not get unexpected surprises whena remote file starts with '|'.
Reviewed by: Joerg Wunsch
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ftp/cmds.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/usr.bin/ftp/cmds.c b/usr.bin/ftp/cmds.c index 2232553..ac77f4b 100644 --- a/usr.bin/ftp/cmds.c +++ b/usr.bin/ftp/cmds.c @@ -1,4 +1,4 @@ -/* $Id: cmds.c,v 1.8 1997/06/27 09:30:01 ache Exp $ */ +/* $Id: cmds.c,v 1.9 1997/06/27 10:21:22 ache Exp $ */ /* $NetBSD: cmds.c,v 1.24 1997/05/17 19:44:36 pk Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)cmds.c 8.6 (Berkeley) 10/9/94"; #else -static char rcsid[] = "$Id: cmds.c,v 1.8 1997/06/27 09:30:01 ache Exp $"; +static char rcsid[] = "$Id: cmds.c,v 1.9 1997/06/27 10:21:22 ache Exp $"; #endif #endif /* not lint */ @@ -457,6 +457,10 @@ getit(argc, argv, restartit, mode) if (argc == 2) { argc++; argv[2] = argv[1]; + if (*argv[1] == '|' && !another(&argc, &argv, "(Warning: remote file starts with '|') local-file")) { + code = -1; + return (0); + } loc++; } if (argc < 2 && !another(&argc, &argv, "remote-file")) @@ -578,6 +582,13 @@ mget(argc, argv) mflag = 0; continue; } + if (!interactive && *cp == '|') { + printf("skipping %s for security reasons\n", cp); + sleep(2); + continue; + } else if (*cp == '|') { + printf("Note: next file starts with '|', which runs it through a pipe\n"); + } if (mflag && confirm(argv[0], cp)) { tp = cp; if (mcase) { |