CVS commit: [netbsd-5-1] src/usr.bin/ftp

2014-11-03 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Mon Nov  3 13:07:18 UTC 2014

Modified Files:
src/usr.bin/ftp [netbsd-5-1]: version.h

Log Message:
Pull up following revision(s) (requested by lukem in ticket #1929):
usr.bin/ftp/version.h: revision 1.85
Version 20141026
Ignore special characters unless they're from the command line.
Fixes CVE-2014-8517


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.77.12.1 src/usr.bin/ftp/version.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/usr.bin/ftp/version.h
diff -u src/usr.bin/ftp/version.h:1.77 src/usr.bin/ftp/version.h:1.77.12.1
--- src/usr.bin/ftp/version.h:1.77	Wed Aug 13 04:59:13 2008
+++ src/usr.bin/ftp/version.h	Mon Nov  3 13:07:18 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: version.h,v 1.77 2008/08/13 04:59:13 lukem Exp $	*/
+/*	$NetBSD: version.h,v 1.77.12.1 2014/11/03 13:07:18 msaitoh Exp $	*/
 
 /*-
  * Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
@@ -34,5 +34,5 @@
 #endif
 
 #ifndef FTP_VERSION
-#define	FTP_VERSION	20080813
+#define	FTP_VERSION	20141026
 #endif



CVS commit: [netbsd-5-1] src/usr.bin/ftp

2014-10-27 Thread SAITOH Masanobu
Module Name:src
Committed By:   msaitoh
Date:   Mon Oct 27 12:22:39 UTC 2014

Modified Files:
src/usr.bin/ftp [netbsd-5-1]: fetch.c

Log Message:
Pull up following revision(s) (requested by jmcneill in ticket #1928):
usr.bin/ftp/fetch.c: revision 1.206 via patch
don't pay attention to special characters if they don't come from the command
line (from jmcneill)


To generate a diff of this commit:
cvs rdiff -u -r1.185 -r1.185.14.1 src/usr.bin/ftp/fetch.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/usr.bin/ftp/fetch.c
diff -u src/usr.bin/ftp/fetch.c:1.185 src/usr.bin/ftp/fetch.c:1.185.14.1
--- src/usr.bin/ftp/fetch.c:1.185	Mon Apr 28 20:24:13 2008
+++ src/usr.bin/ftp/fetch.c	Mon Oct 27 12:22:39 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: fetch.c,v 1.185 2008/04/28 20:24:13 martin Exp $	*/
+/*	$NetBSD: fetch.c,v 1.185.14.1 2014/10/27 12:22:39 msaitoh Exp $	*/
 
 /*-
  * Copyright (c) 1997-2008 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
 
 #include sys/cdefs.h
 #ifndef lint
-__RCSID($NetBSD: fetch.c,v 1.185 2008/04/28 20:24:13 martin Exp $);
+__RCSID($NetBSD: fetch.c,v 1.185.14.1 2014/10/27 12:22:39 msaitoh Exp $);
 #endif /* not lint */
 
 /*
@@ -537,7 +537,7 @@ fetch_url(const char *url, const char *p
 	url_decode(decodedpath);
 
 	if (outfile)
-		savefile = ftp_strdup(outfile);
+		savefile = outfile;
 	else {
 		cp = strrchr(decodedpath, '/');		/* find savefile */
 		if (cp != NULL)
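Review bot: After `savefile = outfile;` the pointer carries two unstated meanings: the string is borrowed rather than owned, and its equality with `outfile` is what later marks the name as coming from the command line. A later edit that copies or reassigns `savefile` would silently change both, so the assignment deserves a comment such as `/* borrow outfile: pointer equality marks a command-line name; never free it here */`. The `if (savefile != outfile)` guard before `FREEPTR(savefile)` in the cleanup hunk relies on the same invariant. The body of fetch_url starts and ends outside this hunk.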
@@ -561,8 +561,7 @@ fetch_url(const char *url, const char *p
 	rangestart = rangeend = entitylen = -1;
 	mtime = -1;
 	if (restartautofetch) {
-		if (strcmp(savefile, -) != 0  *savefile != '|' 
-		stat(savefile, sb) == 0)
+		if (stat(savefile, sb) == 0)
 			restart_point = sb.st_size;
 	}
 	if (urltype == FILE_URL_T) {		/* file:// URLs */
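Review bot: With the `-` and `|` tests removed, the `stat()` call in the `restartautofetch` branch now also runs when the command-line name is `-` or a `|command` string. A file in the current directory with that literal name would then set `restart_point`, even though output is going to stdout or a pipe. Dropping the tests is correct for names derived from the URL, but the skip still looks wanted for a trusted name, e.g. `if (!(savefile == outfile && (strcmp(savefile, "-") == 0 || *savefile == '|')) && stat(savefile, &sb) == 0)`. How `restart_point` is used afterwards is outside this hunk, so the practical effect should be confirmed there.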
@@ -1087,18 +1086,27 @@ fetch_url(const char *url, const char *p
 		}
 	}		/* end of ftp:// or http:// specific setup */
 
-			/* Open the output file. */
-	if (strcmp(savefile, -) == 0) {
-		fout = stdout;
-	} else if (*savefile == '|') {
-		oldintp = xsignal(SIGPIPE, SIG_IGN);
-		fout = popen(savefile + 1, w);
-		if (fout == NULL) {
-			warn(Can't execute `%s', savefile + 1);
-			goto cleanup_fetch_url;
+	/* Open the output file. */
+
+	/*
+	 * Only trust filenames with special meaning if they came from
+	 * the command line
+	 */
+
+	if (savefile == outfile) {
+		if (strcmp(savefile, -) == 0) {
+			fout = stdout;
+		} else if (*savefile == '|') {
+			oldintp = xsignal(SIGPIPE, SIG_IGN);
+			fout = popen(savefile + 1, w);
+			if (fout == NULL) {
+warn(Can't execute `%s', savefile + 1);
+goto cleanup_fetch_url;
+			}
+			closefunc = pclose;
 		}
-		closefunc = pclose;
-	} else {
+	}
+	if (fout == NULL) {
 		if ((rangeend != -1  rangeend = restart_point) ||
 		(rangestart == -1  filesize != -1  filesize = restart_point)) {
 			/* already done */
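Review bot: The fall-through test `if (fout == NULL)` replaces the old `else` and only works if `fout` is still NULL when control arrives here; its declaration and initialisation are outside this hunk, far earlier in fetch_url. A short comment on that line would make the dependency visible, e.g. `/* not stdout or a pipe: open savefile as an ordinary file */`. The new trust comment could also say where untrusted names come from, namely the decoded URL path used in the `else` branch of the savefile assignment. That would show a reader why a leading `|` or a bare `-` must be treated as a literal file name on this path.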
@@ -1308,7 +1316,8 @@ fetch_url(const char *url, const char *p
 		(*closefunc)(fout);
 	if (res0)
 		freeaddrinfo(res0);
-	FREEPTR(savefile);
+	if (savefile != outfile)
+		FREEPTR(savefile);
 	FREEPTR(user);
 	if (pass != NULL)
 		memset(pass, 0, strlen(pass));