mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Ebbers (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SSHD-775) SftpSubSystem::sendStatus leaks Exception information
Date Thu, 28 Sep 2017 08:15:00 GMT
Mark Ebbers created SSHD-775:
--------------------------------

             Summary: SftpSubSystem::sendStatus leaks Exception information
                 Key: SSHD-775
                 URL: https://issues.apache.org/jira/browse/SSHD-775
             Project: MINA SSHD
          Issue Type: Improvement
    Affects Versions: 1.6.0
            Reporter: Mark Ebbers
            Priority: Minor


I'm using SSHD-core 1.6.0 in my own Sftp server implementation and make use of the rooted
file-system. Now did I notice that a client did try to rename a file, which was no longer
available, and got a response with the substatus SSH_FX_NO_SUCH_FILE and the message ' Internal
NoSuchFileException: /srv/sftp/chroot/11738/file.txt'.

As a client I now know the following two things:
* The full path on the file-system.
* The server was written in Java. (NoSuchFileException)

I noticed that the SftpSubsystem.sendStatus(Buffer, int, Throwable) uses the SftpHelper.resolveStatusMessage()
method to create a message string to be send to the client without further checking what information
is inside the Exception message. 




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message