From 001b21871c61e3a13a949173e429f86ea362959d Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Mon, 23 Oct 2017 12:29:37 +0200 Subject: bin/slave-build-connect: repair, but still preven shell injections --- bin/slave-build-connect | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/bin/slave-build-connect b/bin/slave-build-connect index e773256..84abba1 100755 --- a/bin/slave-build-connect +++ b/bin/slave-build-connect @@ -5,13 +5,21 @@ if [ "${SSH_ORIGINAL_COMMAND%% *}" = "get-assignment" ] || \ [ "${SSH_ORIGINAL_COMMAND%% *}" = "return-assignment" ]; then - export slave="$1" - # this is somewhat cumbersome, but we want: - # - no expansion of special shell-chars (*,;,\n,&&,~,$HOME) - # - splitting of arguments on spaces - echo "${SSH_ORIGINAL_COMMAND#* }" | \ - xargs "${base_dir}/bin/${SSH_ORIGINAL_COMMAND%% *}" + + # small check to prevent some shell-injections + if echo "${SSH_ORIGINAL_COMMAND}" | \ + grep -q '[^-a-zA-Z0-9.+_]'; then + + >&2 printf 'Invalid command: "%s".\n' "${SSH_ORIGINAL_COMMAND}" + exit 42 + + fi + + slave="$1" /bin/sh -c "${base_dir}/bin/${SSH_ORIGINAL_COMMAND}" + else - >&2 echo "Invalid command: '${SSH_ORIGINAL_COMMAND%% *}'" + + >&2 printf 'Invalid command: "%s".\n' "${SSH_ORIGINAL_COMMAND}" exit 42 + fi -- cgit v1.2.3-70-g09d2