Bug 2281

Summary: sshd accepts empty arguments in ForceCommand and VersionAddendum
Product: Portable OpenSSH Reporter: Petr Lautrbach <plautrba>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: normal CC: djm, dtucker
Priority: P5    
Version: 6.6p1   
Hardware: Other   
OS: Linux   
Bug Depends on:    
Bug Blocks: 2360    
Attachments:
Description Flags
check for empty arguments in VersionAddendum and ForceCommand djm: ok+

Description Petr Lautrbach 2014-09-25 00:46:28 AEST 
Created attachment 2481 [details]
check for empty arguments in VersionAddendum and ForceCommand

When the mentioned options are specified with white spaces, they are accepted by the parser. There are missing checks for empty strings in cp.

# /usr/sbin/sshd -o "ForceCommand " -t

# /usr/sbin/sshd -o "ForceCommand" -t
command-line line 0: Missing argument.


The attached patch fixes it.
Comment 1 Darren Tucker 2015-04-17 15:10:36 AEST 
Comment on attachment 2481 [details]
check for empty arguments in VersionAddendum and ForceCommand

I think we'd also need to add "ForcedCommand none" to allow you to unset it in a Match block.
Comment 2 Darren Tucker 2015-04-23 14:57:41 AEST 
Patch applied and will be in the 6.9 release.  Thanks.
Comment 3 Damien Miller 2015-08-11 23:04:20 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1