- djm@cvs.openbsd.org 2006/01/31 10:23:23

author djm <djm>

Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)

committer djm <djm>

Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)
author djm <djm>
Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)
committer djm <djm>
Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)
diff --git a/ChangeLog b/ChangeLog

index 2905200ed5ab4798cf97db00a6afc7fc97692130..f211ebcd893fee46065d6901474c016a1ca22320 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -63,6 +63,9 @@
     - djm@cvs.openbsd.org 2006/01/27 06:49:21
       [scp.sh]
       regress test for local to local scp copies; ok dtucker@
+   - djm@cvs.openbsd.org 2006/01/31 10:23:23
+     [scp.sh]
+     regression test for CVE-2006-0225 written by dtucker@
  
  20060129
   - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
diff --git a/regress/scp.sh b/regress/scp.sh

index 02f541011f0bd7de11a419f3abd1ca6af64c3e7f..bfda670bbbafcceb763870c6150effd0d968b911 100644 (file)
--- a/regress/scp.sh
+++ b/regress/scp.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: scp.sh,v 1.5 2006/01/27 06:49:21 djm Exp $
+#      $OpenBSD: scp.sh,v 1.6 2006/01/31 10:23:23 djm Exp $
  #      Placed in the Public Domain.
  
  tid="scp"
@@ -82,6 +82,13 @@ cp ${DATA} ${DIR}/copy
  $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
  diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
  
+verbose "$tid: shell metacharacters"
+scpclean
+(cd ${DIR} && \
+touch '`touch metachartest`' && \
+$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
+[ ! -f metachartest ] ) || fail "shell metacharacters"
+
  if [ ! -z "$SUDO" ]; then
         verbose "$tid: skipped file after scp -p with failed chown+utimes"
         scpclean
author	djm <djm>
	Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)
committer	djm <djm>
	Tue, 31 Jan 2006 11:06:14 +0000 (11:06 +0000)
ChangeLog		patch \| blob \| blame \| history
regress/scp.sh		patch \| blob \| blame \| history