Re: Tab-completion problem through ssh when files start by dash (_remote_files:compadd:80: bad option: -@)

zsh-workers
 help / color / mirror / code / Atom feed

From: Antoine Amarilli <a3nm@a3nm.net>
To: Daniel Shahaf <d.s@daniel.shahaf.name>
Cc: zsh-workers@zsh.org
Subject: Re: Tab-completion problem through ssh when files start by dash (_remote_files:compadd:80: bad option: -@)
Date: Sun, 16 Apr 2017 21:08:31 +0200	[thread overview]
Message-ID: <20170416190831.m7mxeishvj5exyqs@mu.a3nm.net> (raw)
In-Reply-To: <20170415011902.GB12706@fujitsu.shahaf.local2>

[-- Attachment #1: Type: text/plain, Size: 1468 bytes --]

Hi Daniel,

Thanks for your reply.

On Sat, Apr 15, 2017 at 01:19:02AM +0000, Daniel Shahaf wrote:
> Antoine Amarilli wrote on Thu, Apr 13, 2017 at 19:47:17 +0200:
> > So it looks to me like the internals of tab-completion are not properly
> > escaping the file names in this case, hence the warning. This is mostly
> > an annoyance, but maybe there could be some more problematic
> > implications (e.g., maybe a malicious jdoe on bar could create files
> > that would pass actual options to compadd and mess up more seriously
> > with the zsh session on foo).
> 
> The «-R remote-func» option seems to be the most obvious method of
> injection.  I'm not sure whether it requires a literal function name, or
> whether an anonymous function would be accepted too.

I played a bit with it but wasn't able to get it to execute. That said,
I'm not at all familiar with the semantics of compadd, so someone more
familiar who can reproduce the problem may be able to achieve
something...

> I think this fixes it?
> 
> diff --git a/Completion/Unix/Type/_remote_files b/Completion/Unix/Type/_remote_files
> index 1e9fed1..a5fce9a 100644

I patched my copy of
/usr/share/zsh/functions/Completion/Unix/_remote_files following this
diff, and indeed this silences the warning and tab-completion seems to
work. Thanks!

I guess it would be good to commit this fix in the codebase then?

Thanks a lot again!

Best,

-- 
Antoine Amarilli


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next prev parent reply	other threads:[~2017-04-16 19:08 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-04-13 17:47 Antoine Amarilli
2017-04-15  1:19 ` Daniel Shahaf
2017-04-15 15:59   ` Bart Schaefer
2017-04-16 19:08   ` Antoine Amarilli [this message]
2017-04-16 20:14     ` Daniel Shahaf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170416190831.m7mxeishvj5exyqs@mu.a3nm.net \
    --to=a3nm@a3nm.net \
    --cc=d.s@daniel.shahaf.name \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).