diff options
| author | Patrick Bajao <ebajao@gitlab.com> | 2021-07-26 05:51:09 +0000 |
|---|---|---|
| committer | Patrick Bajao <ebajao@gitlab.com> | 2021-07-26 05:51:09 +0000 |
| commit | d6b32537346c98c21f25a84e9bd060c6a9188fec (patch) | |
| tree | 7f1b2348f812dfb90c518d7344602125e82a138a | |
| parent | 584643e0e10e0cbeee4f8366b5e50656dfee9ea4 (diff) | |
| parent | be84773e180914570ef2af88c839df3d26149153 (diff) | |
| download | gitlab-shell-13-18-stable.tar.gz | |
Merge branch 'security-300265-13-18' into '13-18-stable'v13.18.113-18-stable
Modify regex to prevent partial matches
See merge request gitlab-org/security/gitlab-shell!8
| -rw-r--r-- | CHANGELOG | 4 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | internal/command/commandargs/command_args_test.go | 9 | ||||
| -rw-r--r-- | internal/command/commandargs/shell.go | 4 |
4 files changed, 14 insertions, 5 deletions
@@ -1,3 +1,7 @@ +v13.18.1 + +- Modify regex to prevent partial matches + v13.18.0 - Fix thread-safety issues in gitlab-shell !463 @@ -1 +1 @@ -13.18.0 +13.18.1 diff --git a/internal/command/commandargs/command_args_test.go b/internal/command/commandargs/command_args_test.go index 0329c82..7b9f0ad 100644 --- a/internal/command/commandargs/command_args_test.go +++ b/internal/command/commandargs/command_args_test.go @@ -23,14 +23,19 @@ func TestParseSuccess(t *testing.T) { env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}, arguments: []string{}, expectedArgs: &Shell{Arguments: []string{}, SshArgs: []string{}, CommandType: Discover, Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}}, - }, - { + }, { desc: "It finds the key id in any passed arguments", executable: &executable.Executable{Name: executable.GitlabShell}, env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}, arguments: []string{"hello", "key-123"}, expectedArgs: &Shell{Arguments: []string{"hello", "key-123"}, SshArgs: []string{}, CommandType: Discover, GitlabKeyId: "123", Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}}, }, { + desc: "It finds the key id only if the argument is of <key-id> format", + executable: &executable.Executable{Name: executable.GitlabShell}, + env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}, + arguments: []string{"hello", "username-key-123"}, + expectedArgs: &Shell{Arguments: []string{"hello", "username-key-123"}, SshArgs: []string{}, CommandType: Discover, GitlabUsername: "key-123", Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}}, + }, { desc: "It finds the username in any passed arguments", executable: &executable.Executable{Name: executable.GitlabShell}, env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}, diff --git a/internal/command/commandargs/shell.go b/internal/command/commandargs/shell.go index 9cf6720..589f58d 100644 --- a/internal/command/commandargs/shell.go +++ b/internal/command/commandargs/shell.go @@ -20,8 +20,8 @@ const ( ) var ( - whoKeyRegex = regexp.MustCompile(`\bkey-(?P<keyid>\d+)\b`) - whoUsernameRegex = regexp.MustCompile(`\busername-(?P<username>\S+)\b`) + whoKeyRegex = regexp.MustCompile(`\Akey-(?P<keyid>\d+)\z`) + whoUsernameRegex = regexp.MustCompile(`\Ausername-(?P<username>\S+)\z`) ) type Shell struct { |