=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/sftp-int.c,v retrieving revision 1.60 retrieving revision 1.61 diff -u -r1.60 -r1.61 --- src/usr.bin/ssh/Attic/sftp-int.c 2003/05/15 03:43:59 1.60 +++ src/usr.bin/ssh/Attic/sftp-int.c 2003/07/19 00:45:53 1.61 @@ -25,7 +25,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.60 2003/05/15 03:43:59 mouring Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.61 2003/07/19 00:45:53 djm Exp $"); #include @@ -334,7 +334,7 @@ { const char *cp = *cpp, *end; char quot; - int i; + int i, j; cp += strspn(cp, WHITESPACE); if (!*cp) { @@ -343,37 +343,54 @@ return (0); } + *path = xmalloc(strlen(cp) + 1); + /* Check for quoted filenames */ if (*cp == '\"' || *cp == '\'') { quot = *cp++; - end = strchr(cp, quot); - if (end == NULL) { - error("Unterminated quote"); - goto fail; + /* Search for terminating quote, unescape some chars */ + for (i = j = 0; i <= strlen(cp); i++) { + if (cp[i] == quot) { /* Found quote */ + (*path)[j] = '\0'; + break; + } + if (cp[i] == '\0') { /* End of string */ + error("Unterminated quote"); + goto fail; + } + if (cp[i] == '\\') { /* Escaped characters */ + i++; + if (cp[i] != '\'' && cp[i] != '\"' && + cp[i] != '\\') { + error("Bad escaped character '\%c'", + cp[i]); + goto fail; + } + } + (*path)[j++] = cp[i]; } - if (cp == end) { + + if (j == 0) { error("Empty quotes"); goto fail; } - *cpp = end + 1 + strspn(end + 1, WHITESPACE); + *cpp = cp + i + strspn(cp + i, WHITESPACE); } else { /* Read to end of filename */ end = strpbrk(cp, WHITESPACE); if (end == NULL) end = strchr(cp, '\0'); *cpp = end + strspn(end, WHITESPACE); + + memcpy(*path, cp, end - cp); + (*path)[end - cp] = '\0'; } + return (0); - i = end - cp; - - *path = xmalloc(i + 1); - memcpy(*path, cp, i); - (*path)[i] = '\0'; - return(0); - fail: - *path = NULL; + xfree(*path); + *path = NULL; return (-1); }