Skip to content

Commit f7eabd0

Browse files
authored
Prevent ssh option injection (#16)
1 parent 378c9b2 commit f7eabd0

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

Diff for: cmd/sshproxy/sshproxy.go

+2-2
Original file line numberDiff line numberDiff line change
@@ -474,7 +474,7 @@ func mainExitCode() int {
474474
if doCmd == fromCmd {
475475
log.Debugf("translateCmdConf = %+v", translateCmdConf)
476476
sshArgs = append(sshArgs, translateCmdConf.SSHArgs...)
477-
sshArgs = append(sshArgs, "--", host, translateCmdConf.Command)
477+
sshArgs = append(sshArgs, host, "--", translateCmdConf.Command)
478478
if config.Dump != "" && translateCmdConf.DisableDump {
479479
config.Dump = "etcd"
480480
}
@@ -487,7 +487,7 @@ func mainExitCode() int {
487487
// Force TTY allocation because the user probably asked for it.
488488
sshArgs = append(sshArgs, "-t")
489489
}
490-
sshArgs = append(sshArgs, host, doCmd)
490+
sshArgs = append(sshArgs, host, "--", doCmd)
491491
}
492492
} else {
493493
sshArgs = append(sshArgs, host)

Diff for: test/fedora-image/Dockerfile

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM fedora:latest
1+
FROM fedora:39
22

33
# Install development environment to compile RPM
44
RUN set -ex \

0 commit comments

Comments
 (0)