sftp crashes when I try to upload nonexisting file.

Fix:

Patch:

How-To-Repeat:

ssh_config:

Host *
Protocol 2,1

sshd_config:

Port 22
Protocol 2
ListenAddress 192.168.0.1
ListenAddress 195.2.80.100
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 120
KeyRegenerationInterval 3600
PermitRootLogin yes
MaxStartups 10:30:60
IgnoreRhosts yes
RhostsRSAAuthentication
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication no
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
CheckMail no
Subsystem sftp /usr/libexec/sftp-server

How to repeat:

# sftp selena.emetex.ru
Connecting to selena.emetex.ru...
sftp> put nonexisting
Segmentation fault (core dumped)
#
On Fri, Jan 18, 2002 at 12:56:21AM -0800, Eugene Podkopaev wrote:
>
> >Number: 34019
> >Category: misc
> >Synopsis: sftp core dumped
> >Originator: Eugene Podkopaev
> >Release: 4.5-PRERELEASE
> >Organization:
> JSC EMETEX
> >Environment:
> FreeBSD selena 4.5-PRERELEASE FreeBSD 4.5-PRERELEASE #4: Tue Jan 8 13:07:29 MSK 2002 root@selena:/usr/obj/usr/src/sys/SELENA i386
> >Description:
> sftp crashes when I try to upload nonexisting file.
> >How-To-Repeat:
[snip]
> # sftp selena.emetex.ru
> Connecting to selena.emetex.ru...
> sftp> put nonexisting
> Segmentation fault (core dumped)
> #

Can you try the attached patch? It should work for both -stable and -current with no modifications. After applying the patch, all you need to rebuild is sftp; something like

cd /usr/src/secure/usr.bin/sftp && make && sudo make install

should do the trick.

G'luck,
Peter

--
I am jealous of the first word in this sentence.

Index: src/crypto/openssh/sftp-int.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/sftp-int.c,v retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1.2.1 sftp-int.c --- src/crypto/openssh/sftp-int.c 28 Sep 2001 01:33:34 -0000 1.1.1.1.2.1 +++ src/crypto/openssh/sftp-int.c 18 Jan 2002 09:31:31 -0000 @@ -357,7 +357,8 @@ memset(&g, 0, sizeof(g)); debug3("Looking up %s", abs_src); - if (remote_glob(in, out, abs_src, 0, NULL, &g)) { + if (remote_glob(in, out, abs_src, 0, NULL, &g) != 0 || + g.gl_matchc == 0) { error("File \"%s\" not found.", abs_src); err = -1; goto out; @@ -436,7 +437,7 @@ memset(&g, 0, sizeof(g)); debug3("Looking up %s", src); - if (glob(src, 0, NULL, &g)) { + if (glob(src, 0, NULL, &g) != 0 || g.gl_matchc == 0) { error("File \"%s\" not found.", src); err = -1; goto out;
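Review bot: In the first hunk (@@ -357, the remote_glob() lookup), the added `g.gl_matchc == 0` test is only reached after remote_glob() has returned 0, so this branch takes `goto out` with a glob_t that a successful call has filled in. Please confirm that the code at `out:` calls globfree(&g) on this path; the label lies outside the visible context. A one-line comment saying that a zero return with no matches must be treated as "not found" would also explain why the return value alone is not trusted here.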
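Review bot: In the second hunk (@@ -436, the local glob() lookup), `g.gl_matchc` is a BSD extension to glob_t and is not among the members POSIX specifies (gl_pathc, gl_pathv, gl_offs). Because the call passes flags of 0 on a zeroed glob_t, `g.gl_pathc == 0` expresses the same check and would also compile against a libc whose glob_t has no gl_matchc. I would suggest `if (glob(src, 0, NULL, &g) != 0 || g.gl_pathc == 0) {` or, if gl_matchc is kept, a comment noting the dependency.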
Responsible Changed
From-To: freebsd-bugs->green

Over to Brian Feldman, the maintainer of the FreeBSD OpenSSH.

Brian, it seems that this bug is present in openssh-portable-3.0b1, too. My patch in the audit trail should fix it; I know that this patch should ideally be submitted to the OpenSSH developers and then naturally integrated into our OpenSSH, but in view of the impending 4.5-RELEASE, could it be committed directly into our tree to solve an obvious problem?
Adding this to the audit trail - it seems that the PR originator is satisfied with this patch. I will submit it to the OpenSSH developers right now, but I still think that if no response is received from them in a day or three, this patch should be committed to the FreeBSD version and MFC'd immediately, so 4.5 ships with a working sftp client.

G'luck,
Peter

--
Do you think anybody has ever had *precisely this thought* before?

----- Forwarded message from ??????? ????????? <eugene@emetex.ru> -----

From: "??????? ?????????" <eugene@emetex.ru>
To: "Peter Pentchev" <roam@ringlet.net>
Subject: Re: misc/34019: sftp core dumped
Date: Fri, 18 Jan 2002 12:39:55 +0300
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700

Thank you!

----- End forwarded message -----
Are you sure it is not your glob() implementation that is incorrect here? sftp relies on glob to return non-zero (i.e. GLOB_NOMATCH) when no files are matched. This works correctly on Linux, Solaris and OpenBSD.
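The check debated in this thread, as an added example that is not part of the PR, the patch or OpenSSH: a caller that treats both a GLOB_NOMATCH return and a zero return with an empty match list as "not found" before it reads gl_pathv[0]. The helper names, status codes and sample paths are assumptions made for the illustration.

```c
#include <glob.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum { LOOKUP_OK = 0, LOOKUP_NOT_FOUND = -1, LOOKUP_ERROR = -2 };

/* Copy the first path matching pattern into out (hypothetical helper). */
int lookup_first(const char *pattern, char *out, size_t outlen)
{
    glob_t g;
    int rc, ret;

    memset(&g, 0, sizeof(g));
    rc = glob(pattern, 0, NULL, &g);
    if (rc == GLOB_NOMATCH || (rc == 0 && g.gl_pathc == 0)) {
        /* Both "no match" conventions end here; gl_pathv[0] is never read. */
        ret = LOOKUP_NOT_FOUND;
    } else if (rc != 0) {
        ret = LOOKUP_ERROR;          /* GLOB_NOSPACE or GLOB_ABORTED */
    } else if (strlen(g.gl_pathv[0]) >= outlen) {
        ret = LOOKUP_ERROR;          /* caller's buffer is too small */
    } else {
        strcpy(out, g.gl_pathv[0]);
        ret = LOOKUP_OK;
    }
    globfree(&g);                    /* safe on every path: g was zeroed first */
    return ret;
}

/* Convenience wrapper that returns only the status. */
int lookup_status(const char *pattern)
{
    char buf[256];
    return lookup_first(pattern, buf, sizeof(buf));
}

int main(void)
{
    /* Constructed sample inputs: "." always exists; the second path is
     * assumed not to exist in the current directory. */
    printf("existing: %d\n", lookup_status("."));
    printf("missing:  %d\n", lookup_status("./nonexisting-demo-file"));
    return 0;
}
```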
Responsible Changed
From-To: green->des

ssh over to DES
State Changed
From-To: open->closed

OBE