From 113054018f04cf5e1a942fe2c9c8a066bf1fcf00 Mon Sep 17 00:00:00 2001
From: Erich Eckner <git@eckner.net>
Date: Mon, 23 Oct 2017 09:18:26 +0200
Subject: bin/slave-build-connect: improve security

---
 bin/slave-build-connect | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'bin/slave-build-connect')

diff --git a/bin/slave-build-connect b/bin/slave-build-connect
index 497c96f..e773256 100755
--- a/bin/slave-build-connect
+++ b/bin/slave-build-connect
@@ -5,7 +5,12 @@
 
 if [ "${SSH_ORIGINAL_COMMAND%% *}" = "get-assignment" ] || \
   [ "${SSH_ORIGINAL_COMMAND%% *}" = "return-assignment" ]; then
-  slave="$1" /bin/sh -c "${base_dir}/bin/${SSH_ORIGINAL_COMMAND}"
+  export slave="$1"
+  # this is somewhat cumbersome, but we want:
+  #  - no expansion of special shell-chars (*,;,\n,&&,~,$HOME)
+  #  - splitting of arguments on spaces
+  echo "${SSH_ORIGINAL_COMMAND#* }" | \
+    xargs "${base_dir}/bin/${SSH_ORIGINAL_COMMAND%% *}"
 else
   >&2 echo "Invalid command: '${SSH_ORIGINAL_COMMAND%% *}'"
   exit 42
-- 
cgit v1.2.3