From 7d9e74e950aa0118b5f20ea0ffc34047211cc630 Mon Sep 17 00:00:00 2001 From: Nils Werner Date: Fri, 24 Oct 2014 16:19:13 +0200 Subject: [PATCH 1/2] Wrap ssh cmd in quotes to prevent execution of &&-chained commands on local machine --- plugin/deploy/ssh.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin/deploy/ssh.go b/plugin/deploy/ssh.go index 0799dd88..0a9653a4 100644 --- a/plugin/deploy/ssh.go +++ b/plugin/deploy/ssh.go @@ -81,7 +81,7 @@ func (s *SSH) Write(f *buildfile.Buildfile) { } if len(s.Cmd) > 0 { - sshCmd := "ssh -o StrictHostKeyChecking=no -p %s %s %s" + sshCmd := "ssh -o StrictHostKeyChecking=no -p %s %s \"%s\"" f.WriteCmd(fmt.Sprintf(sshCmd, host[1], strings.SplitN(host[0], ":", 2)[0], s.Cmd)) } } From 3fa78ac0885eaa13c4d55ab583a606d7ea881b23 Mon Sep 17 00:00:00 2001 From: Nils Werner Date: Sat, 25 Oct 2014 15:04:22 +0200 Subject: [PATCH 2/2] Fix failing unittest --- plugin/deploy/ssh_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin/deploy/ssh_test.go b/plugin/deploy/ssh_test.go index 581f15cc..037d3ab3 100644 --- a/plugin/deploy/ssh_test.go +++ b/plugin/deploy/ssh_test.go @@ -70,7 +70,7 @@ func TestSSHNoArtifact(t *testing.T) { t.Error("Expect script not to contains scp command") } - if !strings.Contains(bscr, "ssh -o StrictHostKeyChecking=no -p 22 user@test.example.com /opt/bin/redeploy.sh") { + if !strings.Contains(bscr, "ssh -o StrictHostKeyChecking=no -p 22 user@test.example.com \"/opt/bin/redeploy.sh\"") { t.Error("Expect script to contains ssh command") } }