From 819ef4f2037490b6aa2e870aea851b6364184090 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 11 Sep 2017 21:13:45 +0200 Subject: [PATCH] scp: do not NUL-terminate the command for remote exec (#208) It breaks SCP download/upload from/to certain server implementations. The bug does not manifest with OpenSSH, which silently drops the NUL byte (eventually with any garbage that follows the NUL byte) before executing it. Bug: https://bugzilla.redhat.com/1489736 --- src/scp.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/scp.c b/src/scp.c index 22778dd..d1665a6 100644 --- a/src/scp.c +++ b/src/scp.c @@ -303,8 +303,8 @@ scp_recv(LIBSSH2_SESSION * session, const char *path, libssh2_struct_stat * sb) &session->scpRecv_command[cmd_len], session->scpRecv_command_len - cmd_len); - session->scpRecv_command[cmd_len] = '\0'; - session->scpRecv_command_len = cmd_len + 1; + /* the command to exec should _not_ be NUL-terminated */ + session->scpRecv_command_len = cmd_len; _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Opening channel for SCP receive"); @@ -845,8 +845,8 @@ scp_send(LIBSSH2_SESSION * session, const char *path, int mode, &session->scpSend_command[cmd_len], session->scpSend_command_len - cmd_len); - session->scpSend_command[cmd_len] = '\0'; - session->scpSend_command_len = cmd_len + 1; + /* the command to exec should _not_ be NUL-terminated */ + session->scpSend_command_len = cmd_len; _libssh2_debug(session, LIBSSH2_TRACE_SCP, "Opening channel for SCP send"); -- 2.9.5