From 9e5b95468e1d9d16eaae2fa4b260dd3a97dc51e5 Mon Sep 17 00:00:00 2001
From: Cyl <chenyoulong20g@ict.ac.cn>
Date: Thu, 29 Jan 2026 21:58:02 +0800
Subject: [PATCH] fix(security): harden SSH target handling to prevent argument
 injection

- Add hostname validation to reject targets starting with '-'
- Add '--' delimiter before destination to prevent option injection
- Prevents DoS via mDNS poisoning with malicious hostnames

Fixes CWE-88 (Argument Injection)
---
 src/infra/ssh-tunnel.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/infra/ssh-tunnel.ts b/src/infra/ssh-tunnel.ts
index 8b3c7693b..399dc22e3 100644
--- a/src/infra/ssh-tunnel.ts
+++ b/src/infra/ssh-tunnel.ts
@@ -41,10 +41,14 @@ export function parseSshTarget(raw: string): SshParsedTarget | null {
     const portRaw = hostPart.slice(colonIdx + 1).trim();
     const port = Number.parseInt(portRaw, 10);
     if (!host || !Number.isFinite(port) || port <= 0) return null;
+    // Security: Reject hostnames starting with '-' to prevent argument injection
+    if (host.startsWith("-")) return null;
     return { user: userPart, host, port };
   }
 
   if (!hostPart) return null;
+  // Security: Reject hostnames starting with '-' to prevent argument injection
+  if (hostPart.startsWith("-")) return null;
   return { user: userPart, host: hostPart, port: 22 };
 }
 
@@ -134,7 +138,8 @@ export async function startSshPortForward(opts: {
   if (opts.identity?.trim()) {
     args.push("-i", opts.identity.trim());
   }
-  args.push(userHost);
+  // Security: Use '--' to prevent userHost from being interpreted as an option
+  args.push("--", userHost);
 
   const stderr: string[] = [];
   const child = spawn("/usr/bin/ssh", args, {