From ae45246696fed011e1a9941d33b89669c74b3198 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Wed, 10 Oct 2001 15:08:06 +1000
Subject: [PATCH]    - markus@cvs.openbsd.org 2001/10/09 19:32:49     
 [session.c]      stat subsystem command before calling do_exec, and return
 error to client.

---
 ChangeLog |  5 ++++-
 session.c | 20 ++++++++++++++------
 2 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c0e076e77..93f90af68 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,6 +37,9 @@
    - markus@cvs.openbsd.org 2001/10/09 10:12:08
      [session.c]
      chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
+   - markus@cvs.openbsd.org 2001/10/09 19:32:49
+     [session.c]
+     stat subsystem command before calling do_exec, and return error to client.
 
 20011007
  - (bal) ssh-copy-id corrected permissions for .ssh/ and authorized_keys.
@@ -6682,4 +6685,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1595 2001/10/10 05:07:44 djm Exp $
+$Id: ChangeLog,v 1.1596 2001/10/10 05:08:06 djm Exp $
diff --git a/session.c b/session.c
index 0e3e933f9..c1305da6a 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.104 2001/10/09 10:12:08 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.105 2001/10/09 19:32:49 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -1672,25 +1672,33 @@ session_pty_req(Session *s)
 static int
 session_subsystem_req(Session *s)
 {
+	struct stat st;
 	u_int len;
 	int success = 0;
-	char *subsys = packet_get_string(&len);
+	char *cmd, *subsys = packet_get_string(&len);
 	int i;
 
 	packet_done();
 	log("subsystem request for %s", subsys);
 
 	for (i = 0; i < options.num_subsystems; i++) {
-		if(strcmp(subsys, options.subsystem_name[i]) == 0) {
-			debug("subsystem: exec() %s", options.subsystem_command[i]);
+		if (strcmp(subsys, options.subsystem_name[i]) == 0) {
+			cmd = options.subsystem_command[i];
+			if (stat(cmd, &st) < 0) {
+				error("subsystem: cannot stat %s: %s", cmd,
+				    strerror(errno));
+				break;
+			}
+			debug("subsystem: exec() %s", cmd);
 			s->is_subsystem = 1;
-			do_exec(s, options.subsystem_command[i]);
+			do_exec(s, cmd);
 			success = 1;
 		}
 	}
 
 	if (!success)
-		log("subsystem request for %s failed, subsystem not found", subsys);
+		log("subsystem request for %s failed, subsystem not found",
+		    subsys);
 
 	xfree(subsys);
 	return success;