From e4bd42f98f7da0ac49cdea579d1e43be64c0621f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 11 Aug 2017 13:55:41 +0200 Subject: [PATCH] Disallow SSH host names starting with a dash --- src/libstore/ssh.cc | 11 +++++++++++ src/libstore/ssh.hh | 9 +-------- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index 776ffdb83..7ff7a9bff 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -2,6 +2,17 @@ namespace nix { +SSHMaster::SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD) + : host(host) + , keyFile(keyFile) + , useMaster(useMaster) + , compress(compress) + , logFD(logFD) +{ + if (host == "" || hasPrefix(host, "-")) + throw Error("invalid SSH host name '%s'", host); +} + void SSHMaster::addCommonSSHOpts(Strings & args) { for (auto & i : tokenizeString(getEnv("NIX_SSHOPTS"))) diff --git a/src/libstore/ssh.hh b/src/libstore/ssh.hh index 18dea227a..1268e6d00 100644 --- a/src/libstore/ssh.hh +++ b/src/libstore/ssh.hh @@ -28,14 +28,7 @@ private: public: - SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD = -1) - : host(host) - , keyFile(keyFile) - , useMaster(useMaster) - , compress(compress) - , logFD(logFD) - { - } + SSHMaster(const std::string & host, const std::string & keyFile, bool useMaster, bool compress, int logFD = -1); struct Connection {