Description
I pulled version: 0.0.14.0 on May 19. I just fetched version: 0.0.15.0 (June 4) today to compare. I don't believe the below issues have been corrected.
Git using Win32-OpenSSH ssh server runs as a nopty service. There are two defects in the nopty code:
- shell-host.c passes through to cmd.exe, single quotes as literals. The literal single quotes become part of the file path name, resulting in an incorrect file path.
- The service loop in shell-host.c, which passes its stdin to the child stdin is coded with incorrect file handles. Part of the input is currently passed back to sshd.
A temporary workaround for issue 1 is to replace all single quotes with double quotes just before the call to invoke cmd /c:
@@ -1136,7 +1136,21 @@ start_withno_pty(wchar_t *command)
if (command) {
GOTO_CLEANUP_ON_ERR(wcscat_s(cmd, MAX_CMD_LEN, L" /c"));
GOTO_CLEANUP_ON_ERR(wcscat_s(cmd, MAX_CMD_LEN, L" "));
+ int i = 0;
+ while (command[i] != L'\0')
+ {
+ if (command[i] == L'\'' )
+ command[i] = L'\"';
+ i++;
+ }
GOTO_CLEANUP_ON_ERR(wcscat_s(cmd, MAX_CMD_LEN, command));
A fix for issue 2 is to use the child process file handle instead of the sshd file handle:
@@ -1184,7 +1198,7 @@ start_withno_pty(wchar_t *command)
/* for backspace, we need to send space and another backspace for visual erase */
if (buf[i] == '\b') {
if (in_cmd_len > 0) {
- GOTO_CLEANUP_ON_FALSE(WriteFile(pipe_out, "\b \b", 3, &wr, NULL));
+ GOTO_CLEANUP_ON_FALSE(WriteFile(child_pipe_write, "\b \b", 3, &wr, NULL));
in_cmd_len--;
}
i++;
@@ -1194,10 +1208,10 @@ start_withno_pty(wchar_t *command)
/* For CR and LF */
if ((buf[i] == '\r') || (buf[i] == '\n')) {
/* TODO - do a much accurate mapping */
- GOTO_CLEANUP_ON_FALSE(WriteFile(pipe_out, buf + i, 1, &wr, NULL));
+ GOTO_CLEANUP_ON_FALSE(WriteFile(child_pipe_write, buf + i, 1, &wr, NULL));
if ((buf[i] == '\r') && ((i == rd - 1) || (buf[i + 1] != '\n'))) {
buf[i] = '\n';
- GOTO_CLEANUP_ON_FALSE(WriteFile(pipe_out, buf + i, 1, &wr, NULL));
+ GOTO_CLEANUP_ON_FALSE(WriteFile(child_pipe_write, buf + i, 1, &wr, NULL));
}
in_cmd[in_cmd_len] = buf[i];
in_cmd_len++;
@@ -1207,7 +1221,7 @@ start_withno_pty(wchar_t *command)
continue;
}
- GOTO_CLEANUP_ON_FALSE(WriteFile(pipe_out, buf + i, 1, &wr, NULL));
+ GOTO_CLEANUP_ON_FALSE(WriteFile(child_pipe_write, buf + i, 1, &wr, NULL));
in_cmd[in_cmd_len] = buf[i];
in_cmd_len++;
if (in_cmd_len == MAX_CMD_LEN - 1) {
Finally, there is defect and debug issue in signal_sigchld.c. The zombied children count can become too large, which causes a seg fault. When debugging sshd.exe /ddd, debug3() is writing during signal processing which corrupts the stack. Debug3() should not write while running on an exception frame. A check for incorrect zombie count should be added:
@@ -104,14 +104,20 @@ sw_child_to_zombie(DWORD index)
DWORD last_non_zombie, zombie_pid;
HANDLE zombie_handle;
- debug3("zombie'ing child at index %d, %d zombies of %d", index,
- children.num_zombies, children.num_children);
+ //debug3("zombie'ing child at index %d, %d zombies of %d", index,
+ //children.num_zombies, children.num_children);
if (index >= children.num_children) {
errno = EINVAL;
return -1;
}
-
+ //debug3(" %x zombies, %x children",children.num_zombies, children.num_children);
+ if((children.num_children - children.num_zombies) == 0)
+ {
+ //debug2("children == zombies, can't make more zombies");
+ errno = EINVAL;
+ return -1;
+ }
last_non_zombie = children.num_children - children.num_zombies - 1;
if (last_non_zombie != index) {
/* swap */
I'm running on Windows 10 and Windows 7 systems.
Extreme care must be taken with search paths when debugging a git server using ssh protocol on Windows, especially if cygwin and mingw, etc., are also installed on the system This is true for the client and server side. Multiple executables for ssh, sshd, and git commands can cause problems if close attention is not paid to search paths.