similar to: [Bug 2428] New: realpath command doesn't work

http://bugzilla.mindrot.org/show_bug.cgi?id=697 Summary: ending slash is not used Product: Portable OpenSSH Version: 3.7.1p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: openssh-bugs at mindrot.org ReportedBy: ramses at

http://bugzilla.mindrot.org/show_bug.cgi?id=220 ------- Additional Comments From markus at openbsd.org 2002-04-18 06:01 ------- i think i've seen this before and it was related to the realpath() implementation.... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On 24 March 2018 at 03:03, Corinna Vinschen <vinschen at redhat.com> wrote: [...] > session opened for local user corinna from [UNKNOWN] > received client version 3 > debug2: Permitting whitelisted realpath request > debug3: request 1: realpath > realpath "." > debug1: request 1: sent names count 1 > Refusing non-whitelisted statvfs request >

http://bugzilla.mindrot.org/show_bug.cgi?id=978 Summary: The supplied realpath function mangles pathnames. Product: Portable OpenSSH Version: 3.9p1 Platform: Other OS/Version: other Status: NEW Severity: minor Priority: P3 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org

Hello! A couple of days ago I submitted the problem report shown below to the support forum for WinSCP. I got a reply (shown at the end of this e-mail) saying that this in part was a WinSCP problem, but also that there appeared to be something wrong with the replies from OpenSSH-3.9p1 under AIX 4.3.3. The full dialog including the reply can be seen at

Hi, I starting a new project, and have run into behavior I cannot replicate in irb, (i.e. outside of using rspec) when the directory? returns true, so I thought I''d ask here, in case any one has seen this badhavior. ruby-1.9.2-p136 rspec (2.5.0) rspec-core (2.5.1) rspec-expectations (2.5.0) rspec-mocks (2.5.0) When I try to run this spec: require Pathname(__FILE__).ascend { |d|

On the advisory about the realpath problem it says that it was corrected: RELENG_4_8 src/UPDATING 1.73.2.80.2.3 src/lib/libc/stdlib/realpath.c 1.9.14.1 src/sys/conf/newvers.sh 1.44.2.29.2.2 I ran cvsup and when I look at my src/lib/libc/stdlib/realpath.c I see

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

This is needed as the basis for the readlink -f option. Signed-off-by: Ben Hutchings <ben at decadent.org.uk> --- --- a/usr/include/stdlib.h +++ b/usr/include/stdlib.h @@ -92,4 +92,6 @@ static __inline__ int grantpt(int __fd) return 0; /* devpts does this all for us! */ } +__extern char *realpath(const char *, char *); + #endif /* _STDLIB_H */ --- a/usr/klibc/Kbuild +++

Hello there. I tried make update using the following stable-supfile: *default base=/usr *default prefix=/usr *default release=cvs tag=RELENG_4 *default delete use-rel-suffix and my two nearest Russian CVS mirrors showed no changes in realpath. Heck, I downloaded the patch and said in /usr/src: # patch < realpath.patch so it was rejected. Then I looked into realpath.c's revision and

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

In realpath.c at line 182 left_len = strlcat(symlink, left, sizeof(left)); should be left_len = strlcat(symlink, left, sizeof(symlink)); It's a benign issue because both arrays are the same size. And I can't imagine that ever changing. But it's inconsistent, not to mention throwing compiler warnings on OS X.

https://bugzilla.mindrot.org/show_bug.cgi?id=2403 Bug ID: 2403 Summary: Bugs intended to be fixed in 7.0 Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee: unassigned-bugs at

Hi, I've seen that this commit never got MFC'd: http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/stdlib/realpath.c?rev=1.14&content-type=text/x-cvsweb-markup Would it be possible to do that or are there any objections out there ? Martin Martin Blapp, <mb@imp.ch> <mbr@FreeBSD.org> ------------------------------------------------------------------ ImproWare AG, UNIXSP

https://bugzilla.mindrot.org/show_bug.cgi?id=2948 Bug ID: 2948 Summary: implement "copy-data" sftp extension Product: Portable OpenSSH Version: -current Hardware: All URL: https://tools.ietf.org/html/draft-ietf-secsh-filexfer- extensions-00#section-7 OS: All Status: NEW

https://bugzilla.mindrot.org/show_bug.cgi?id=2647 Bug ID: 2647 Summary: Tracking bug for OpenSSH 7.5 release Product: Portable OpenSSH Version: -current Hardware: Other OS: Linux Status: NEW Keywords: meta Severity: enhancement Priority: P5 Component: Miscellaneous

I was planning to use this function to harden the code in v2v/input_ova.ml against malicious OVA files. However I didn't complete that work. Hate to see a good commit go to waste ... Rich.

Hi, I made this simple path to make sftp-server restricted to a basepath! This was done because use sshfs [wich base is sftp-server] to allow people access medias [ cdrom,dvdrom, floppy, usb] from x-terms. Those x-terms [ diskless] does not have all users, so we share a single user and a DSA empty passphrase, with some acl scipts at .ssh/authorized keys. Main usage of this patch is to NOT

Hi, I have a strange problem : some users cannot acces to diretcory, the message is "access denied". The ACL is correct # file: rsrv/vol2/data1/groupes/CORDAF # owner: root # group: Utilisateurs user::rwx user:mro:r-x user:sad:r-x group::--- group:administrateurs:rwx group:daf:rwx mask::rwx other::--- default:user::rwx default:user:mro:r-x default:user:sad:r-x default:group::---