tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream commit 

Have sftp print a warning about shell cleanliness when
decoding the first packet fails, which is usually caused by shells polluting
stdout of non-interactive starups.  bz#2800, ok markus@ deraadt@.

OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
This commit is contained in:
dtucker@openbsd.org 2017-11-28 21:10:22 +00:00 committed by Darren Tucker
parent 6c8a246437
commit 3dde09ab38
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
sftp-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sftp-client.c,v 1.127 2017/08/11 04:41:08 djm Exp $ */ /* $OpenBSD: sftp-client.c,v 1.128 2017/11/28 21:10:22 dtucker Exp $ */
/* /*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
* *
@ -130,7 +130,7 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m)
} }
static void static void
get_msg(struct sftp_conn *conn, struct sshbuf *m) get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial)
{ {
u_int msg_len; u_int msg_len;
u_char *p; u_char *p;
@ -148,8 +148,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m)
if ((r = sshbuf_get_u32(m, &msg_len)) != 0) if ((r = sshbuf_get_u32(m, &msg_len)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r)); fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (msg_len > SFTP_MAX_MSG_LENGTH) if (msg_len > SFTP_MAX_MSG_LENGTH) {
fatal("Received message too long %u", msg_len); do_log2(initial ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_FATAL,
"Received message too long %u", msg_len);
fatal("Ensure the remote shell produces no output "
"for non-interactive sessions.");
}
if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r)); fatal("%s: buffer error: %s", __func__, ssh_err(r));
@ -163,6 +167,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m)
} }
} }
static void
get_msg(struct sftp_conn *conn, struct sshbuf *m)
{
get_msg_extended(conn, m, 0);
}
static void static void
send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s,
u_int len) u_int len)
@ -406,7 +416,7 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests,
sshbuf_reset(msg); sshbuf_reset(msg);
get_msg(ret, msg); get_msg_extended(ret, msg, 1);
/* Expecting a VERSION reply */ /* Expecting a VERSION reply */
if ((r = sshbuf_get_u8(msg, &type)) != 0) if ((r = sshbuf_get_u8(msg, &type)) != 0)