7 лет назад · 7116a0cbbd
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,10 @@
 
				   * Fix setting of origin in config when non-standard origin is passed into
			
 
				     ``Repo.clone``. (Kenneth Lareau, #565)
			
 
				 
			
 
				+  * Prevent setting SSH arguments from SSH URLs when using SSH through a
			
 
				+    subprocess. Note that Dulwich doesn't support cloning submodules.
			
 
				+    (CVE 2017-1000117) (Jelmer Vernooĳ)
			
 
				+
			
 
				  IMPROVEMENTS
			
 
				 
			
 
				   * Silently ignored directories in ``Repo.stage``.
			
--- a/dulwich/client.py
+++ b/dulwich/client.py
@@ -1080,6 +1080,13 @@ class SSHVendor(object):
 
				         raise NotImplementedError(self.run_command)
			
 
				 
			
 
				 
			
 
				+class StrangeHostname(Exception):
			
 
				+    """Refusing to connect to strange SSH hostname."""
			
 
				+
			
 
				+    def __init__(self, hostname):
			
 
				+        super(StrangeHostname, self).__init__(hostname)
			
 
				+
			
 
				+
			
 
				 class SubprocessSSHVendor(SSHVendor):
			
 
				     """SSH vendor that shells out to the local 'ssh' command."""
			
 
				 
			
@@ -1090,6 +1097,8 @@ class SubprocessSSHVendor(SSHVendor):
 
				             args.extend(['-p', str(port)])
			
 
				         if username is not None:
			
 
				             host = '%s@%s' % (username, host)
			
 
				+        if host.startswith('-'):
			
 
				+            raise StrangeHostname(hostname=host)
			
 
				         args.append(host)
			
 
				         proc = subprocess.Popen(args + [command], bufsize=0,
			
 
				                                 stdin=subprocess.PIPE,
			
--- a/dulwich/tests/test_client.py
+++ b/dulwich/tests/test_client.py
@@ -50,6 +50,8 @@ from dulwich.client import (
 
				     HttpGitClient,
			
 
				     ReportStatusParser,
			
 
				     SendPackError,
			
 
				+    StrangeHostname,
			
 
				+    SubprocessSSHVendor,
			
 
				     UpdateRefsError,
			
 
				     default_urllib2_opener,
			
 
				     get_transport_and_path,
			
@@ -942,3 +944,11 @@ class DefaultUrllib2OpenerTest(TestCase):
 
				         opener = default_urllib2_opener(config=config)
			
 
				         self.assertIn(urllib2.ProxyHandler,
			
 
				                       list(map(lambda x: x.__class__, opener.handlers)))
			
 
				+
			
 
				+
			
 
				+class SubprocessSSHVendorTests(TestCase):
			
 
				+
			
 
				+    def test_run_command_dashes(self):
			
 
				+        vendor = SubprocessSSHVendor()
			
 
				+        self.assertRaises(StrangeHostname, vendor.run_command, '--weird-host',
			
 
				+                          'git-clone-url')