[Bug 2281] New: sshd accepts empty arguments in ForceCommand and VersionAddendum
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Sep 25 00:46:28 EST 2014
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
Bug ID: 2281
Summary: sshd accepts empty arguments in ForceCommand and
VersionAddendum
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: plautrba at redhat.com
Created attachment 2481
--> https://bugzilla.mindrot.org/attachment.cgi?id=2481&action=edit
check for empty arguments in VersionAddendum and ForceCommand
When the mentioned options are specified with white spaces, they are
accepted by the parser. There are missing checks for empty strings in
cp.
# /usr/sbin/sshd -o "ForceCommand " -t
# /usr/sbin/sshd -o "ForceCommand" -t
command-line line 0: Missing argument.
The attached patch fixes it.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list