Commit 3af5bc7c0bbac60aae03923bb2b0e1f80909016b
2020-03-18T16:13:48
do not allow passing arbitrary options to SSH
diff --git a/lib/fetch.c b/lib/fetch.c
index 0f64ab4..4a328e6 100644
--- a/lib/fetch.c
+++ b/lib/fetch.c
@@ -105,7 +105,7 @@ dial_ssh(int *fetchfd, const char *host, const char *port, const char *path,
n = snprintf(cmd, sizeof(cmd), "git-%s-pack", direction);
if (n < 0 || n >= sizeof(cmd))
err(1, "snprintf");
- if (execl(GOT_FETCH_PATH_SSH, GOT_FETCH_PATH_SSH,
+ if (execl(GOT_FETCH_PATH_SSH, GOT_FETCH_PATH_SSH, "--",
host, cmd, path, NULL) == -1)
err(1, "execl");
abort(); /* not reached */