Unset SSH_ORIGINAL_COMMAND in forked slave

If we have a SSH_ORIGINAL_COMMAND without a "--slave" in it and fork a lokal slave which inherits the environment, we run into a fork bomb because SSH_ORIGINAL_COMMAND will override the slaves argv making it a master. Under normal conditions, this can't happen because the SSH_ORIGINAL_COMMAND from ssh-config is supposed to contain "--slave". We can only run into that situation with configuration error or a manual override during debugging. Anyway, unset SSH_ORIGINAL_COMMAND in the forked slave to avoid the situation which is difficult to analye.
mariux64 · Jun 8, 2022 · ea00fe4 · ea00fe4
1 parent 4aae63e
commit ea00fe4
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/cmirror.c b/cmirror.c
@@ -1196,6 +1196,8 @@ static void master(char *master_path, char *slave_user, char *slave, char *slave
                 unlink(unix_socket_name);
         }
 
+        unsetenv("SSH_ORIGINAL_COMMAND");
+
         execvp(args->pdata[0], (char **)args->pdata);
         die("exec %s: %m\n", args->pdata[0]);
     }