fix(security): harden SSH target handling (#4001)

Thanks @YLChen-007. Co-authored-by: Edward-x <YLChen-007@users.noreply.github.com>
2026-05-08 03:21:23 +00:00 · 2026-01-29 16:33:36 +00:00
parent 4b5514a259
commit 06289b36da
8 changed files with 82 additions and 5 deletions
--- a/src/infra/ssh-config.test.ts
+++ b/src/infra/ssh-config.test.ts
@@ -54,6 +54,8 @@ describe("ssh-config", () => {
    expect(config?.host).toBe("peters-mac-studio-1.sheep-coho.ts.net");
    expect(config?.port).toBe(2222);
    expect(config?.identityFiles).toEqual(["/tmp/id_ed25519"]);
+    const args = spawnMock.mock.calls[0]?.[1] as string[] | undefined;
+    expect(args?.slice(-2)).toEqual(["--", "me@alias"]);
  });

  it("returns null when ssh -G fails", async () => {
--- a/src/infra/ssh-config.ts
+++ b/src/infra/ssh-config.ts
@@ -58,7 +58,8 @@ export async function resolveSshConfig(
    args.push("-i", opts.identity.trim());
  }
  const userHost = target.user ? `${target.user}@${target.host}` : target.host;
-  args.push(userHost);
+  // Use "--" so userHost can't be parsed as an ssh option.
+  args.push("--", userHost);

  return await new Promise<SshResolvedConfig | null>((resolve) => {
    const child = spawn(sshPath, args, {
--- a/src/infra/ssh-tunnel.test.ts
+++ b/src/infra/ssh-tunnel.test.ts
@@ -0,0 +1,27 @@
+import { describe, expect, it } from "vitest";
+
+import { parseSshTarget } from "./ssh-tunnel.js";
+
+describe("parseSshTarget", () => {
+  it("parses user@host:port targets", () => {
+    expect(parseSshTarget("me@example.com:2222")).toEqual({
+      user: "me",
+      host: "example.com",
+      port: 2222,
+    });
+  });
+
+  it("parses host-only targets with default port", () => {
+    expect(parseSshTarget("example.com")).toEqual({
+      user: undefined,
+      host: "example.com",
+      port: 22,
+    });
+  });
+
+  it("rejects hostnames that start with '-'", () => {
+    expect(parseSshTarget("-V")).toBeNull();
+    expect(parseSshTarget("me@-badhost")).toBeNull();
+    expect(parseSshTarget("-oProxyCommand=echo")).toBeNull();
+  });
+});
--- a/src/infra/ssh-tunnel.ts
+++ b/src/infra/ssh-tunnel.ts
@@ -41,10 +41,14 @@ export function parseSshTarget(raw: string): SshParsedTarget | null {
    const portRaw = hostPart.slice(colonIdx + 1).trim();
    const port = Number.parseInt(portRaw, 10);
    if (!host || !Number.isFinite(port) || port <= 0) return null;
+    // Security: Reject hostnames starting with '-' to prevent argument injection
+    if (host.startsWith("-")) return null;
    return { user: userPart, host, port };
  }

  if (!hostPart) return null;
+  // Security: Reject hostnames starting with '-' to prevent argument injection
+  if (hostPart.startsWith("-")) return null;
  return { user: userPart, host: hostPart, port: 22 };
 }

@@ -134,7 +138,8 @@ export async function startSshPortForward(opts: {
  if (opts.identity?.trim()) {
    args.push("-i", opts.identity.trim());
  }
-  args.push(userHost);
+  // Security: Use '--' to prevent userHost from being interpreted as an option
+  args.push("--", userHost);

  const stderr: string[] = [];
  const child = spawn("/usr/bin/ssh", args, {