changeset 1804:f0cd000f3bca

Prevent multiple shells being spawned Existing shells would be leaked. The old check only caught multiple commands, not shells.
author Matt Johnston <matt@ucc.asn.au>
date Sat, 06 Mar 2021 23:06:43 +0800
parents 837cc354b388
children 2e5a8332a263
files svr-chansession.c
diffstat 1 files changed, 7 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/svr-chansession.c	Sat Mar 06 23:05:17 2021 +0800
+++ b/svr-chansession.c	Sat Mar 06 23:06:43 2021 +0800
@@ -658,12 +658,13 @@
 	unsigned int cmdlen = 0;
 	int ret;
 
-	TRACE(("enter sessioncommand"))
+	TRACE(("enter sessioncommand %d", channel->index))
 
-	if (chansess->cmd != NULL) {
+	if (chansess->pid != 0) {
 		/* Note that only one command can _succeed_. The client might try
 		 * one command (which fails), then try another. Ie fallback
 		 * from sftp to scp */
+		TRACE(("leave sessioncommand, already have a command"))
 		return DROPBEAR_FAILURE;
 	}
 
@@ -675,6 +676,7 @@
 			if (cmdlen > MAX_CMD_LEN) {
 				m_free(chansess->cmd);
 				/* TODO - send error - too long ? */
+				TRACE(("leave sessioncommand, command too long %d", cmdlen))
 				return DROPBEAR_FAILURE;
 			}
 		}
@@ -687,6 +689,7 @@
 #endif
 			{
 				m_free(chansess->cmd);
+				TRACE(("leave sessioncommand, unknown subsystem"))
 				return DROPBEAR_FAILURE;
 			}
 		}
@@ -743,6 +746,7 @@
 	if (ret == DROPBEAR_FAILURE) {
 		m_free(chansess->cmd);
 	}
+	TRACE(("leave sessioncommand, ret %d", ret))
 	return ret;
 }
 
@@ -916,6 +920,7 @@
 		svr_ses.childpidsize++;
 	}
 	
+	TRACE(("addchildpid %d pid %d for chansess %p", i, pid, chansess))
 	svr_ses.childpids[i].pid = pid;
 	svr_ses.childpids[i].chansess = chansess;