bugzilla-daemon at bugzilla.mindrot.org
2019-Sep-10 13:31 UTC
[Bug 3069] New: sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Bug ID: 3069
Summary: sftp issues with [ or ] in path name
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sftp
Assignee: unassigned-bugs at mindrot.org
Reporter: andreas at canonical.com
openssh portable 8.0p1-4 from debian/ubuntu
Hi,
sftp can't fetch files that are inside a directory with [ or ]
characters. It can "cd" just fine into them, but fetching the file
fails:
$ sftp squid-ds216.lxd
Connected to squid-ds216.lxd.
sftp> ls -l
drwxrwxr-x 2 ubuntu ubuntu 3 Sep 10 13:21 [pub]
drwxr-xr-x 2 ubuntu ubuntu 2 Sep 5 20:40 bzr
sftp> cd \[pub\]
sftp> ls -l
-rw-rw-r-- 1 ubuntu ubuntu 12 Sep 10 13:21 hello.txt
sftp> get hello.txt
File "/home/ubuntu/[pub]/hello.txt" not found.
$ ssh squid-ds216.lxd
...
$ ls -lad \[pub\]
drwxrwxr-x 2 ubuntu ubuntu 3 Sep 10 13:21 '[pub]'
$ cd \[pub\]/
$ ls -la
total 10
drwxrwxr-x 2 ubuntu ubuntu 3 Sep 10 13:21 .
drwxr-xr-x 7 ubuntu ubuntu 17 Sep 10 13:21 ..
-rw-rw-r-- 1 ubuntu ubuntu 12 Sep 10 13:21 hello.txt
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Aug-07 04:25 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org,
| |dtucker at dtucker.net
Attachment #3440| |ok?(dtucker at dtucker.net)
Flags| |
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 3440
--> https://bugzilla.mindrot.org/attachment.cgi?id=3440&action=edit
Retry unglobbed filename on get remote_glob failure
I think this should fix it.
Filenames for sftp get commands are processed using remote_glob() to
wildcard-expand them. In this case it was interpreting and eating the
special characters.
This patch makes the remote_glob() call return the original, unmodified
filename when expansion fails. Pretty much every other remote_glob()
call in the sftp client already does this for precisely this reason.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-Aug-07 04:26 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3162
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3162
[Bug 3162] Tracking bug for 8.4 release
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Aug-07 07:41 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #3440|ok?(dtucker at dtucker.net) |ok+
Flags| |
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Oct-02 04:49 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3217
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3217
[Bug 3217] Tracking bug for 8.5 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2020-Oct-02 04:52 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3162 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3162
[Bug 3162] Tracking bug for 8.4 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:47 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3270
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
retarget to 8.6
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3270
[Bug 3270] Tracking bug for 8.6 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:50 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3217 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3217
[Bug 3217] Tracking bug for 8.5 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:49 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3302
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3302
[Bug 3302] Tracking bug for openssh-8.7
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:50 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069 --- Comment #3 from Damien Miller <djm at mindrot.org> --- retarget after 8.6p1 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Feb-25 02:52 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3395
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3395
[Bug 3395] Tracking bug for openssh-9.0
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Feb-25 02:52 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3302 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3302
[Bug 3302] Tracking bug for openssh-8.7
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-08 01:58 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3418
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3418
[Bug 3418] tracking bug for openssh-9.1
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-08 02:01 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3395 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3395
[Bug 3395] Tracking bug for openssh-9.0
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 10:56 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3480
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3480
[Bug 3480] tracking bug for openssh-9.1
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 10:56 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3418 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3418
[Bug 3418] tracking bug for openssh-9.1
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Nov-13 20:20 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Colin Watson <cjwatson at debian.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cjwatson at debian.org
--- Comment #4 from Colin Watson <cjwatson at debian.org> ---
I wondered whether this change from the OpenSSH 9.1/9.1p1 release notes
might relate to this bug:
* sftp(1), scp(1): when performing operations that glob(3) a remote
path, ensure that the implicit working directory used to construct
that path escapes glob(3) characters. This prevents glob characters
from being processed in places they shouldn't, e.g. "cd
/tmp/a*/",
"get *.txt" should have the get operation treat the path
"/tmp/a*"
literally and not attempt to expand it.
It doesn't seem to have used the same patch as Damien posted here in
2020, but nevertheless the bug seems to be fixed: I can no longer
reproduce it using Andreas's procedure. Should this be closed?
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Feb-04 06:55 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3533
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3533
[Bug 3533] tracking bug for openssh-9.3
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Feb-04 06:57 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3480 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3480
[Bug 3480] tracking bug for openssh-9.2
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Mar-17 02:32 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |3549
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3549
[Bug 3549] Tracking bug for OpenSSH 9.4
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Mar-17 02:33 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks|3533 |
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3533
[Bug 3533] tracking bug for openssh-9.3
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2023-Oct-11 06:34 UTC
[Bug 3069] sftp issues with [ or ] in path name
https://bugzilla.mindrot.org/show_bug.cgi?id=3069
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
Apparently Analagous Threads
- remote DoS in sftp via crafted glob expressions (CVE-2010-4755)
- [Bug 3054] New: sftp -R num_requests allows num_requests+1
- [Bug 2049] New: Request for a configurable option for SFTP to display login information to the user after a successful login.
- sftp needs a long time for sending a filelist
- recursive operations in sftp