Bug 2281 - sshd accepts empty arguments in ForceCommand and VersionAddendum
Summary: sshd accepts empty arguments in ForceCommand and VersionAddendum
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 6.6p1
Hardware: Other Linux
: P5 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_6_9
  Show dependency treegraph
 
Reported: 2014-09-25 00:46 AEST by Petr Lautrbach
Modified: 2015-08-11 23:04 AEST (History)
2 users (show)

See Also:

Attachments
check for empty arguments in VersionAddendum and ForceCommand (882 bytes, text/plain)
2014-09-25 00:46 AEST, Petr Lautrbach 		djm: ok+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Petr Lautrbach 2014-09-25 00:46:28 AEST 
Created attachment 2481 [details]
check for empty arguments in VersionAddendum and ForceCommand

When the mentioned options are specified with white spaces, they are accepted by the parser. There are missing checks for empty strings in cp.

# /usr/sbin/sshd -o "ForceCommand " -t

# /usr/sbin/sshd -o "ForceCommand" -t
command-line line 0: Missing argument.


The attached patch fixes it.
Comment 1 Darren Tucker 2015-04-17 15:10:36 AEST 
Comment on attachment 2481 [details]
check for empty arguments in VersionAddendum and ForceCommand

I think we'd also need to add "ForcedCommand none" to allow you to unset it in a Match block.
Comment 2 Darren Tucker 2015-04-23 14:57:41 AEST 
Patch applied and will be in the 6.9 release.  Thanks.
Comment 3 Damien Miller 2015-08-11 23:04:20 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1