From 3ca1f5b0215543dbadd1cfb44a1309d80a94dc8a Mon Sep 17 00:00:00 2001
From: djm <djm>
Date: Tue, 31 Jan 2006 11:06:14 +0000
Subject: [PATCH]    - djm@cvs.openbsd.org 2006/01/31 10:23:23      [scp.sh]   
   regression test for CVE-2006-0225 written by dtucker@

---
 ChangeLog      | 3 +++
 regress/scp.sh | 9 ++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 2905200e..f211ebcd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -63,6 +63,9 @@
    - djm@cvs.openbsd.org 2006/01/27 06:49:21
      [scp.sh]
      regress test for local to local scp copies; ok dtucker@
+   - djm@cvs.openbsd.org 2006/01/31 10:23:23
+     [scp.sh]
+     regression test for CVE-2006-0225 written by dtucker@
 
 20060129
  - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
diff --git a/regress/scp.sh b/regress/scp.sh
index 02f54101..bfda670b 100644
--- a/regress/scp.sh
+++ b/regress/scp.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: scp.sh,v 1.5 2006/01/27 06:49:21 djm Exp $
+#	$OpenBSD: scp.sh,v 1.6 2006/01/31 10:23:23 djm Exp $
 #	Placed in the Public Domain.
 
 tid="scp"
@@ -82,6 +82,13 @@ cp ${DATA} ${DIR}/copy
 $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
 diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
 
+verbose "$tid: shell metacharacters"
+scpclean
+(cd ${DIR} && \
+touch '`touch metachartest`' && \
+$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
+[ ! -f metachartest ] ) || fail "shell metacharacters"
+
 if [ ! -z "$SUDO" ]; then
 	verbose "$tid: skipped file after scp -p with failed chown+utimes"
 	scpclean
-- 
2.45.2