Mark Ebbers created SSHD-775:
--------------------------------
Summary: SftpSubSystem::sendStatus leaks Exception information
Key: SSHD-775
URL: https://issues.apache.org/jira/browse/SSHD-775
Project: MINA SSHD
Issue Type: Improvement
Affects Versions: 1.6.0
Reporter: Mark Ebbers
Priority: Minor
I'm using SSHD-core 1.6.0 in my own Sftp server implementation and make use of
the rooted file-system. Now did I notice that a client did try to rename a
file, which was no longer available, and got a response with the substatus
SSH_FX_NO_SUCH_FILE and the message ' Internal NoSuchFileException:
/srv/sftp/chroot/11738/file.txt'.
As a client I now know the following two things:
* The full path on the file-system.
* The server was written in Java. (NoSuchFileException)
I noticed that the SftpSubsystem.sendStatus(Buffer, int, Throwable) uses the
SftpHelper.resolveStatusMessage() method to create a message string to be send
to the client without further checking what information is inside the Exception
message.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
