diff options
author | Nick Thomas <nick@gitlab.com> | 2021-09-27 19:28:06 +0100 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2021-09-27 20:25:10 +0100 |
commit | 5564ea9ca23217687a6e6c091f3b4fc11e375a2f (patch) | |
tree | b58611c4552934ae0412092622b8af20326a7c0f | |
parent | a1ae9e5ad2900d512a58ce64f4ad0f02769c3edd (diff) | |
download | gitlab-shell-5564ea9ca23217687a6e6c091f3b4fc11e375a2f.tar.gz |
Don't swallow an error parsing SSH_ORIGINAL_COMMAND
-rw-r--r-- | cmd/gitlab-shell/command/command_test.go | 2 | ||||
-rw-r--r-- | internal/command/commandargs/shell.go | 13 | ||||
-rw-r--r-- | internal/sshd/session_test.go | 2 |
3 files changed, 6 insertions, 11 deletions
diff --git a/cmd/gitlab-shell/command/command_test.go b/cmd/gitlab-shell/command/command_test.go index 2db644b..2aeee59 100644 --- a/cmd/gitlab-shell/command/command_test.go +++ b/cmd/gitlab-shell/command/command_test.go @@ -267,7 +267,7 @@ func TestParseFailure(t *testing.T) { executable: &executable.Executable{Name: executable.GitlabShell}, env: sshenv.Env{IsSSHConnection: true, OriginalCommand: `git receive-pack "`}, arguments: []string{}, - expectedError: "Invalid SSH command", + expectedError: "Invalid SSH command: invalid command line string", }, } diff --git a/internal/command/commandargs/shell.go b/internal/command/commandargs/shell.go index 589f58d..7a76be5 100644 --- a/internal/command/commandargs/shell.go +++ b/internal/command/commandargs/shell.go @@ -1,7 +1,7 @@ package commandargs import ( - "errors" + "fmt" "regexp" "github.com/mattn/go-shellwords" @@ -49,21 +49,16 @@ func (s *Shell) GetArguments() []string { func (s *Shell) validate() error { if !s.Env.IsSSHConnection { - return errors.New("Only SSH allowed") + return fmt.Errorf("Only SSH allowed") } - if !s.isValidSSHCommand() { - return errors.New("Invalid SSH command") + if err := s.ParseCommand(s.Env.OriginalCommand); err != nil { + return fmt.Errorf("Invalid SSH command: %w", err) } return nil } -func (s *Shell) isValidSSHCommand() bool { - err := s.ParseCommand(s.Env.OriginalCommand) - return err == nil -} - func (s *Shell) parseWho() { for _, argument := range s.Arguments { if keyId := tryParseKeyId(argument); keyId != "" { diff --git a/internal/sshd/session_test.go b/internal/sshd/session_test.go index b014c0c..43d6aca 100644 --- a/internal/sshd/session_test.go +++ b/internal/sshd/session_test.go @@ -145,7 +145,7 @@ func TestHandleShell(t *testing.T) { { desc: "fails to parse command", cmd: `\`, - errMsg: "Failed to parse command: Invalid SSH command\nUnknown command: \\\n", + errMsg: "Failed to parse command: Invalid SSH command: invalid command line string\nUnknown command: \\\n", gitlabKeyId: "root", expectedExitCode: 128, }, { |