review.fuel-infra Code Review - puppet-modules/puppetlabs-apt.git/commit

author	Craig Gumbley <craiggumbley@gmail.com>
	Thu, 11 Aug 2022 20:13:11 +0000 (20:13 +0000)
committer	Craig Gumbley <craiggumbley@gmail.com>
	Fri, 12 Aug 2022 10:50:24 +0000 (10:50 +0000)
commit	eed10ea359d0fe144da90a8425cd14dc3c6c8f18
tree	dfd28099e34ecaf03e099a1402b3cd339ab2796b	tree \| snapshot
parent	4b12e7b33263abffe5f1369b4a73272daf4e5248	commit \| diff

Harden apt-mark defined type

Prior to this commit the title parameter of this defined
type was not properly validated. This means that it could have been
possible to use a resource title outside of the normal bounds of
a package name.

Additionally the `onlyif` and `command` parameter values were
interpolated strings meaning that it may have been possible to
execute unsafe code on the remote system.

This commit fixes the above issues by adding a regex to check that the
resource title is a valid apt package name and also breaks out the
`onlyif` and `command` parameter values in to arrays of args ensuring
that the commands executed in a safe manor on the remote system.

The exception in this commit is the `unless_cmd`. This has not been
broken out in to an array of args due to the requirement of the command.
This is a reasonable trade of however due to the fact that action is
created from known enum values and title would be pre-validated.
This is also explained in mark.pp:20.

examples/mark.pp	[new file with mode: 0644]	blob
manifests/mark.pp		diff \| blob \| history