authorPatrick Bajao <ebajao@gitlab.com>2021-08-04 02:31:15 +0000
committerPatrick Bajao <ebajao@gitlab.com>2021-08-04 02:31:15 +0000
commitdf0138b5f0f8f998a832c6c063128f56d1953604 (patch)
tree419b8a92d0a60bad566cf821197bec8838d7a130
parent00735e0bbf51e28bcec5086d9d0f62999d19d2c5 (diff)
parentfcff692b596270483fba4496d3fb7d971367f9d8 (diff)
downloadgitlab-shell-df0138b5f0f8f998a832c6c063128f56d1953604.tar.gz
Merge branch 'security-300265' into 'main'
Modify regex to prevent partial matches See merge request gitlab-org/security/gitlab-shell!6
-rw-r--r--internal/command/commandargs/command_args_test.go9
-rw-r--r--internal/command/commandargs/shell.go4
2 files changed, 9 insertions, 4 deletions
diff --git a/internal/command/commandargs/command_args_test.go b/internal/command/commandargs/command_args_test.go
index 0329c82..7b9f0ad 100644
--- a/internal/command/commandargs/command_args_test.go
+++ b/internal/command/commandargs/command_args_test.go
@@ -23,14 +23,19 @@ func TestParseSuccess(t *testing.T) {
env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"},
arguments: []string{},
expectedArgs: &Shell{Arguments: []string{}, SshArgs: []string{}, CommandType: Discover, Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}},
- },
- {
+ }, {
desc: "It finds the key id in any passed arguments",
executable: &executable.Executable{Name: executable.GitlabShell},
env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"},
arguments: []string{"hello", "key-123"},
expectedArgs: &Shell{Arguments: []string{"hello", "key-123"}, SshArgs: []string{}, CommandType: Discover, GitlabKeyId: "123", Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}},
}, {
+ desc: "It finds the key id only if the argument is of <key-id> format",
+ executable: &executable.Executable{Name: executable.GitlabShell},
+ env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"},
+ arguments: []string{"hello", "username-key-123"},
+ expectedArgs: &Shell{Arguments: []string{"hello", "username-key-123"}, SshArgs: []string{}, CommandType: Discover, GitlabUsername: "key-123", Env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"}},
+ }, {
desc: "It finds the username in any passed arguments",
executable: &executable.Executable{Name: executable.GitlabShell},
env: sshenv.Env{IsSSHConnection: true, RemoteAddr: "1"},
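Review bot: The added table entry pins only one shape of partial match, `username-key-123`, so the anchoring on both patterns is not fully covered. I would add cases where the token is embedded on either side, for example `arguments: []string{"hello", "foo-key-123"}` and `arguments: []string{"hello", "key-123-foo"}`, each expecting a `Shell` with neither `GitlabKeyId` nor `GitlabUsername` set, plus a mirror case such as `"foo-username-jane"`. Without them, a later edit that drops `\A` or `\z` from one of the regexes would still pass this test. The table in TestParseSuccess starts and ends outside this hunk, so equivalent cases may already exist elsewhere.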
diff --git a/internal/command/commandargs/shell.go b/internal/command/commandargs/shell.go
index 9cf6720..589f58d 100644
--- a/internal/command/commandargs/shell.go
+++ b/internal/command/commandargs/shell.go
@@ -20,8 +20,8 @@ const (
)
var (
- whoKeyRegex = regexp.MustCompile(`\bkey-(?P<keyid>\d+)\b`)
- whoUsernameRegex = regexp.MustCompile(`\busername-(?P<username>\S+)\b`)
+ whoKeyRegex = regexp.MustCompile(`\Akey-(?P<keyid>\d+)\z`)
+ whoUsernameRegex = regexp.MustCompile(`\Ausername-(?P<username>\S+)\z`)
)
type Shell struct {
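Review bot: The two anchored patterns carry no comment explaining why they must match a whole argument, which is the security property this change introduces. Judging by the accompanying test, `\b` let an argument such as `username-key-123` satisfy the key pattern, so a caller could be resolved by key id rather than by username. A comment above the `var` block such as `// Anchored with \A and \z: an argument must be exactly key-<id> or username-<name>, never a substring of a longer one.` would discourage relaxing it later. The anchors only hold if each argument is matched on its own rather than against a joined command line; the matching code is outside this hunk, so that is worth confirming. `\S+` still accepts any run of non-space characters as a username, so that value presumably needs validating wherever it is consumed.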