[6.0] 79c9415f3 Introduction of '-' CLI prefix allowed empty commands to sneak through.
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Thu Aug 16 08:52:59 UTC 2018
commit 79c9415f3dc049e6d8d0a7aa410c0ae616724599
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date: Tue May 22 13:09:31 2018 +0000
Introduction of '-' CLI prefix allowed empty commands to sneak through.
Fixes #2647
diff --git a/bin/varnishtest/tests/r02647.vtc b/bin/varnishtest/tests/r02647.vtc
new file mode 100644
index 000000000..09c63cee4
--- /dev/null
+++ b/bin/varnishtest/tests/r02647.vtc
@@ -0,0 +1,15 @@
+varnishtest "empty cli command"
+
+server s1 {
+ rxreq
+ txresp
+} -start
+
+varnish v1 -vcl+backend {} -start
+
+varnish v1 -clierr 100 "-"
+
+client c1 {
+ txreq
+ rxresp
+} -run
diff --git a/lib/libvarnish/vcli_serve.c b/lib/libvarnish/vcli_serve.c
index 5171d3173..b1084a162 100644
--- a/lib/libvarnish/vcli_serve.c
+++ b/lib/libvarnish/vcli_serve.c
@@ -278,6 +278,12 @@ cls_exec(struct VCLS_fd *cfd, char * const *av)
break;
}
+ if (av[1] == NULL) {
+ VCLI_Out(cli, "Empty CLI command.\n");
+ VCLI_SetResult(cli, CLIS_SYNTAX);
+ break;
+ }
+
if (isupper(av[1][0])) {
VCLI_Out(cli, "all commands are in lower-case.\n");
VCLI_SetResult(cli, CLIS_UNKNOWN);
More information about the varnish-commit
mailing list