Issues traversing a sftp server when files or folders contain the character "]"

Bug #1483751 reported by Shane O'Sullivan
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
portable OpenSSH
Unknown
Unknown
openssh (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

I am unsure if the bug is with openssh sftp client or within openssh-sftp-server

When traversing an sftp server, I encounter issues for files and, in particular, directories containing the character "]". Tab completion does not escape the character in sftp shell, however, in bash it will escape the character for tab completion. If I "cd" into a directory that contains the character I cannot get any files with in that directory and I have to rename the directory outside of the sftp shell to remove the character in order to be able to correctly get files.

Ex:

sftp> cd Movie\ \[1080p]/
sftp> ls
Movie.1080p.mp4
sftp> get Movie.1080p.mp4
File "/home/hitsuji/movies/Movie [1080p]/Movie.1080p.mp4" not found.
sftp>

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: openssh-client 1:6.6p1-2ubuntu2
ProcVersionSignature: Ubuntu 3.16.0-45.60~14.04.1-generic 3.16.7-ckt14
Uname: Linux 3.16.0-45-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.11
Architecture: amd64
CurrentDesktop: Unity
Date: Tue Aug 11 14:36:00 2015
InstallationDate: Installed on 2015-05-01 (101 days ago)
InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
RelatedPackageVersions:
 ssh-askpass N/A
 libpam-ssh N/A
 keychain N/A
 ssh-askpass-gnome 1:6.6p1-2ubuntu2
SSHClientVersion: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014
SourcePackage: openssh
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Shane O'Sullivan (hitsuji) wrote :
description: updated
Revision history for this message
Luke Faraone (lfaraone) wrote :

Can confirm:

sftp> cd Foo\ \[bar\]
sftp> ls
hello.txt
sftp> get hello.txt
File "/home/lfaraone/Foo [bar]/hello.txt" not found.
sftp>

Changed in openssh (Ubuntu):
importance: Undecided → Low
status: New → Triaged
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. I appreciate the quality of this bug report and I'm sure it'll be helpful to others experiencing the same issue.

This is even slightly worse IMHO as it does stripped mapping.
If on a server you have

$ ll \[a\]/ a
'[a]/':
total 8
drwxrwxr-x 2 ubuntu ubuntu 4096 Sep 9 09:51 ./
drwxr-xr-x 9 ubuntu ubuntu 4096 Sep 9 09:51 ../
-rw-rw-r-- 1 ubuntu ubuntu 0 Sep 9 09:51 foo

a:
total 8
drwxrwxr-x 2 ubuntu ubuntu 4096 Sep 9 09:51 ./
drwxr-xr-x 9 ubuntu ubuntu 4096 Sep 9 09:51 ../
-rw-rw-r-- 1 ubuntu ubuntu 0 Sep 9 09:51 foo

And you are in there with sftp and try to get the file from [a] then you will get the "other one".

sftp> pwd
Remote working directory: /home/ubuntu/[a]
sftp> ls
foo
sftp> get foo
Fetching /home/ubuntu/a/foo to foo

Never the less this sounds like an upstream bug/feature-request to me request I'd think.
Well and it sit around without anyone noticing for years :-/
But today is my bug triage duty and I at least want to guide you to the right place :-)

I tried this up to (including) the last version of 8.0p1.
But as much as this seems wrong, this isn't (IMHO) the kind of issue that Ubuntu would develop on its own and keep a delta. After all name/path handling often is security relevant and important for scripts (you'd not want different hosts to behave differently).

The best route to getting it fixed in Ubuntu in this case would be to file an upstream bug if you're able to do that. Otherwise, I'm not sure what we can do directly in Ubuntu to fix the problem.

If you do end up filing an upstream bug, please link to it from here. Thanks!

Revision history for this message
Andreas Hasenack (ahasenack) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (16.6 KiB)

This bug was fixed in the package openssh - 1:9.2p1-2ubuntu3

---------------
openssh (1:9.2p1-2ubuntu3) mantic; urgency=medium

  * Fix upgrade of openssh-server with active ssh session (LP: #2020474)
    - debian/patches/systemd-socket-activation.patch:
      + Do force closing of listen sockets in child process
      + Set rexec_flag = 0 when sshd is socket-activated so that child process
        does not re-exec
    - debian/openssh-server.postint:
      + When upgrading from affected versions of openssh, do not try to
        restart systemd units, and instead indicate that a reboot is required
    - debian/tests/systemd-socket-activation:
      + Reboot the testbed before starting the test
    - debian/rules:
      + Do not stop ssh.socket on upgrade
  * d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests

openssh (1:9.2p1-2ubuntu2) mantic; urgency=medium

  * debian/README.Debian: Fix path of addresses.conf drop-in

openssh (1:9.2p1-2ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018094). Remaining changes:
    - debian/rules: modify dh_installsystemd invocations for
      socket-activated sshd
    - debian/openssh-server.postinst: handle migration of sshd_config options
      to systemd socket options on upgrade.
    - debian/README.Debian: document systemd socket activation.
    - debian/patches/socket-activation-documentation.patch: Document in
      sshd_config(5) that ListenAddress and Port no longer work.
    - debian/openssh-server.templates: include debconf prompt explaining
      when migration cannot happen due to multiple ListenAddress values
    - debian/.gitignore: drop file
    - debian/openssh-server.postrm: remove systemd drop-ins for
      socket-activated sshd on purge
    - debian/openssh-server.ucf-md5sum: Update list of stock sshd_config
      checksums to include those from jammy and kinetic.
    - debian/openssh-server.tmpfile,debian/systemd/ssh.service: Move
      /run/sshd creation out of the systemd unit to a tmpfile config so
      that sshd can be run manually if necessary without having to create
      this directory by hand.
    - debian/patches/systemd-socket-activation.patch: Fix sshd
      re-execution behavior when socket activation is used
    - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket
      activation functionality.
  * Dropped changes, included in Debian:
    - debian/patches/systemd-socket-activation.patch: Initial implementation
  * New changes:
    - debian/README.Debian: mention drop-in configurations in instructions
      for disabling sshd socket activation (LP: #2017434).
    - debian/openssh-server.ucf-md5sum: update for Ubuntu delta

openssh (1:9.2p1-2) unstable; urgency=medium

  * Fix mistakenly-unreleased entry for 1:9.2p1-1 in debian/NEWS.

openssh (1:9.2p1-1) unstable; urgency=medium

  * Set "UsePAM yes" when running regression tests, to match our default
    sshd configuration.
  * Ignore Lintian error about depending on lsb-base for now, to avoid
    problems with partial upgrades on non-default init systems.
  * New upstream release (https://www.openssh.com/releasenotes.html#9.2p1):
    - [SECURITY] sshd...

Changed in openssh (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.