Re: ProxyJump may construct erroneous ProxyCommand

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> On Jan 14, 2024, at 8:35 PM, Rob Leslie <rob@xxxxxxxx> wrote:
> 
>> On Jan 14, 2024, at 2:14 PM, Damien Miller <djm@xxxxxxxxxxx> wrote:
>> 
>> We could do something like this:
>> 
>> 
>> diff --git a/ssh.c b/ssh.c
>> index 48d93ddf2..7cd498f84 100644
>> --- a/ssh.c
>> +++ b/ssh.c
>> @@ -1313,7 +1313,7 @@ main(int ac, char **av)
>> * Try to use SSH indicated by argv[0], but fall back to
>> * "ssh" if it appears unavailable.
>> */
>> - if (strchr(argv0, '/') != NULL && access(argv0, X_OK) != 0)
>> + if (access(argv0, X_OK) != 0)
>> sshbin = "ssh";
>> 
>> /* Consistency check */
> 
> 
> I was thinking perhaps something like this:
> 
> 
> diff --git a/ssh.c b/ssh.c
> index 0019281f4..4c80e0df6 100644
> --- a/ssh.c
> +++ b/ssh.c
> @@ -1313,7 +1313,9 @@ main(int ac, char **av)
>                 * Try to use SSH indicated by argv[0], but fall back to
>                 * "ssh" if it appears unavailable.
>                 */
> -               if (strchr(argv0, '/') != NULL && access(argv0, X_OK) != 0)
> +               if (*sshbin == '-')
> +                       ++sshbin;
> +               if (strchr(sshbin, '/') != NULL && access(sshbin, X_OK) != 0)
>                        sshbin = "ssh";
>                 /* Consistency check */

Was there no love for this in OpenSSH 9.7?

-- 
Rob Leslie
rob@xxxxxxxx

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux