diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-06-26 06:45:11 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-06-26 07:18:45 +0200 |
| commit | c9e24daac6324fcbdba171392c325bf9ccc3c768 (patch) | |
| tree | 5648dee8d2e786c105576983628c44c41b96de0b /session.c | |
| parent | upstream: fix kex mem-leak in ssh_packet_close; ok djm (diff) | |
| download | openssh-c9e24daac6324fcbdba171392c325bf9ccc3c768.tar.xz openssh-c9e24daac6324fcbdba171392c325bf9ccc3c768.zip | |
upstream: Expand path to ~/.ssh/rc rather than relying on it
being relative to the current directory, so that it'll still be found if the
shell startup changes its directory. Since the path is potentially longer,
make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@
OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
Diffstat (limited to '')
| -rw-r--r-- | session.c | 20 |
1 files changed, 12 insertions, 8 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.319 2020/03/13 03:17:07 djm Exp $ */ +/* $OpenBSD: session.c,v 1.320 2020/06/26 04:45:11 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1206,19 +1206,21 @@ static void do_rc_files(struct ssh *ssh, Session *s, const char *shell) { FILE *f = NULL; - char cmd[1024]; + char *cmd = NULL, *user_rc = NULL; int do_xauth; struct stat st; do_xauth = s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; + user_rc = tilde_expand_filename("~/" _PATH_SSH_USER_RC, getuid()); /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */ if (!s->is_subsystem && options.adm_forced_command == NULL && auth_opts->permit_user_rc && options.permit_user_rc && - stat(_PATH_SSH_USER_RC, &st) >= 0) { - snprintf(cmd, sizeof cmd, "%s -c '%s %s'", - shell, _PATH_BSHELL, _PATH_SSH_USER_RC); + stat(user_rc, &st) >= 0) { + if (xasprintf(&cmd, "%s -c '%s %s'", shell, _PATH_BSHELL, + user_rc) == -1) + fatal("%s: xasprintf: %s", __func__, strerror(errno)); if (debug_flag) fprintf(stderr, "Running %s\n", cmd); f = popen(cmd, "w"); @@ -1229,7 +1231,7 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) pclose(f); } else fprintf(stderr, "Could not run %s\n", - _PATH_SSH_USER_RC); + user_rc); } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) { if (debug_flag) fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, @@ -1254,8 +1256,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) options.xauth_location, s->auth_display, s->auth_proto, s->auth_data); } - snprintf(cmd, sizeof cmd, "%s -q -", - options.xauth_location); + if (xasprintf(&cmd, "%s -q -", options.xauth_location) == -1) + fatal("%s: xasprintf: %s", __func__, strerror(errno)); f = popen(cmd, "w"); if (f) { fprintf(f, "remove %s\n", @@ -1269,6 +1271,8 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell) cmd); } } + free(cmd); + free(user_rc); } static void |