libssh2: bail out on chgrp and chown number parsing errors

Reported-by: Joshua Rogers
Closes #18863
Daniel Stenberg 2025-10-06 09:02:09 +02:00
parent a80dcb04e3
commit c3adf63ee7


@ -1303,11 +1303,11 @@ sftp_quote_stat(struct Curl_easy *data,
if(!strncmp(cmd, "chgrp", 5)) {
const char *p = sshc->quote_path1;
curl_off_t gid;
(void)curlx_str_number(&p, &gid, ULONG_MAX);
sshp->quote_attrs.gid = (unsigned long)gid;
sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshp->quote_attrs.gid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
!sshc->acceptfail) {
if(!curlx_str_number(&p, &gid, ULONG_MAX)) {
sshp->quote_attrs.gid = (unsigned long)gid;
sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
}
else if(!sshc->acceptfail) {
failf(data, "Syntax error: chgrp gid not a number");
goto fail;
}
@ -1327,11 +1327,11 @@ sftp_quote_stat(struct Curl_easy *data,
else if(!strncmp(cmd, "chown", 5)) {
const char *p = sshc->quote_path1;
curl_off_t uid;
(void)curlx_str_number(&p, &uid, ULONG_MAX);
sshp->quote_attrs.uid = (unsigned long)uid;
sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshp->quote_attrs.uid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
!sshc->acceptfail) {
if(!curlx_str_number(&p, &uid, ULONG_MAX)) {
sshp->quote_attrs.uid = (unsigned long)uid;
sshp->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
}
else if(!sshc->acceptfail) {
failf(data, "Syntax error: chown uid not a number");
goto fail;
}
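Review bot: After a successful parse in the chgrp branch, `p` is never inspected again, so an argument that merely starts with a digit (a constructed example: `12x`) would be accepted as gid 12. The chown branch in the second hunk has the same gap. If `quote_path1` holds only the id token, which is not visible here, requiring the whole token to be consumed would reject such input: `if(!curlx_str_number(&p, &gid, ULONG_MAX) && !*p) {`. Separately, when parsing fails and `acceptfail` is set, neither branch runs and the function continues with `quote_attrs` unmodified; a comment such as `/* acceptfail: ignore the bad id, attributes stay unchanged */` would make that intent explicit. sftp_quote_stat begins and ends outside both hunks, so what happens to the untouched attributes afterwards cannot be checked from here.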