- djm@cvs.openbsd.org 2006/01/27 06:49:21
[scp.sh]
regress test for local to local scp copies; ok dtucker@
+ - djm@cvs.openbsd.org 2006/01/31 10:23:23
+ [scp.sh]
+ regression test for CVE-2006-0225 written by dtucker@
20060129
- (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
-# $OpenBSD: scp.sh,v 1.5 2006/01/27 06:49:21 djm Exp $
+# $OpenBSD: scp.sh,v 1.6 2006/01/31 10:23:23 djm Exp $
# Placed in the Public Domain.
tid="scp"
$SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
+verbose "$tid: shell metacharacters"
+scpclean
+(cd ${DIR} && \
+touch '`touch metachartest`' && \
+$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
+[ ! -f metachartest ] ) || fail "shell metacharacters"
+
if [ ! -z "$SUDO" ]; then
verbose "$tid: skipped file after scp -p with failed chown+utimes"
scpclean