From: Craig Gumbley
Date: Thu, 11 Aug 2022 20:13:11 +0000 (+0000)
Subject: Harden apt-mark defined type
X-Git-Tag: v9.0.0~3^2~1
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=eed10ea359d0fe144da90a8425cd14dc3c6c8f18;hp=eed10ea359d0fe144da90a8425cd14dc3c6c8f18;p=puppet-modules%2Fpuppetlabs-apt.git

Harden apt-mark defined type

Prior to this commit the title parameter of this defined type was not properly validated. This means that it could have been possible to use a resource title outside of the normal bounds of a package name. Additionally, the `onlyif` and `command` parameter values were interpolated strings, meaning that it may have been possible to execute unsafe code on the remote system.

This commit fixes the above issues by adding a regex to check that the resource title is a valid apt package name, and also breaks out the `onlyif` and `command` parameter values into arrays of args, ensuring that the commands are executed in a safe manner on the remote system.

The exception in this commit is the `unless_cmd`. This has not been broken out into an array of args due to the requirement of the command. This is a reasonable trade-off, however, due to the fact that the action is created from known enum values and the title would be pre-validated. This is also explained in mark.pp:20.

---
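The two hardening steps the commit describes (a regex check on the resource title, and argv arrays instead of interpolated strings for `command` and `onlyif`, with the pipeline-based `unless` kept as a string) are illustrated below as an added example written for this page; it is not the code of puppetlabs-apt or of this commit. The defined type name `apt_mark_example`, the `setting` enum, the exact regex (taken from the Debian policy rules for package names) and the `dpkg -s` / `apt-mark show*` checks are all assumptions; the module's own regex and checks are not visible here.

```puppet
# Added illustration, not puppetlabs-apt's own apt::mark (names are assumptions).
# Marks a package auto/manual/hold/unhold with apt-mark while refusing titles that
# are not plausible package names and never interpolating the title into a
# shell command string.
define apt_mark_example (
  Enum['auto', 'manual', 'hold', 'unhold'] $setting,
) {
  # Assumption: Debian package names are lowercase letters, digits, '+', '-'
  # and '.', at least two characters, starting with a letter or digit.
  # Anything else (spaces, ';', '$(', '|', ...) is rejected at compile time.
  $package_name = $title
  unless $package_name =~ /\A[a-z0-9][a-z0-9+\-.]+\z/ {
    fail("apt_mark_example[${package_name}]: title is not a valid apt package name")
  }

  # Before the hardening, a title was interpolated into a string like
  #   command => "/usr/bin/apt-mark ${setting} ${package_name}",
  # A string may be handed to a shell, so a title such as
  # "foo; touch /tmp/pwned" would have run arbitrary commands.

  # Hardened: an argv array is passed directly to the program, so the title
  # is always exactly one argument, whatever it contains.
  $command = ['/usr/bin/apt-mark', $setting, $package_name]

  # onlyif takes a list of checks; each check is itself an argv array.
  # Assumption: dpkg -s exits non-zero when the package is not installed.
  $onlyif = [['/usr/bin/dpkg', '-s', $package_name]]

  # The "is the mark already set?" test needs a pipeline (apt-mark show* exits 0
  # whether or not the package is listed), so it stays a shell string. This is
  # safe only because $setting is an enum and $package_name passed the regex.
  $show = $setting ? {
    'hold'   => 'showhold',
    'unhold' => 'showhold',
    'auto'   => 'showauto',
    'manual' => 'showmanual',
  }
  $listed = "/usr/bin/apt-mark ${show} ${package_name} | /bin/grep -qx ${package_name}"
  $unless_cmd = $setting ? {
    'unhold' => "! ${listed}",   # skip when the package is no longer held
    default  => $listed,         # skip when the mark is already present
  }

  exec { "apt-mark ${setting} ${package_name}":
    command => $command,
    onlyif  => $onlyif,
    unless  => $unless_cmd,
  }
}

# Usage: holds nginx at its installed version.
apt_mark_example { 'nginx':
  setting => 'hold',
}

# A hostile title fails catalog compilation instead of reaching apt-mark:
#   apt_mark_example { 'nginx; touch /tmp/pwned': setting => 'hold' }
```

The regex check is the first line of defence and the array form is the second: even if a future change loosened the regex, an argv array cannot be re-parsed by a shell, whereas the `unless` string can, which is why that one string deliberately contains only the enum-derived `show*` subcommand and the already validated name.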