Fix detection of invalid context files when importing

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5f93509668)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2019-06-05 18:12:34 +02:00
parent f913afa98c
commit 17b3250f0f
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
2 changed files with 72 additions and 3 deletions

View File

@ -300,7 +300,7 @@ func importTar(name string, s Writer, reader io.Reader) error {
tlsData := ContextTLSData{ tlsData := ContextTLSData{
Endpoints: map[string]EndpointTLSData{}, Endpoints: map[string]EndpointTLSData{},
} }
var importedMetaFile bool
for { for {
hdr, err := tr.Next() hdr, err := tr.Next()
if err == io.EOF { if err == io.EOF {
@ -325,6 +325,7 @@ func importTar(name string, s Writer, reader io.Reader) error {
if err := s.CreateOrUpdate(meta); err != nil { if err := s.CreateOrUpdate(meta); err != nil {
return err return err
} }
importedMetaFile = true
} else if strings.HasPrefix(hdr.Name, "tls/") { } else if strings.HasPrefix(hdr.Name, "tls/") {
data, err := ioutil.ReadAll(tr) data, err := ioutil.ReadAll(tr)
if err != nil { if err != nil {
@ -335,7 +336,9 @@ func importTar(name string, s Writer, reader io.Reader) error {
} }
} }
} }
if !importedMetaFile {
return errdefs.InvalidParameter(errors.New("invalid context: no metadata found"))
}
return s.ResetTLSMaterial(name, &tlsData) return s.ResetTLSMaterial(name, &tlsData)
} }
@ -352,6 +355,7 @@ func importZip(name string, s Writer, reader io.Reader) error {
Endpoints: map[string]EndpointTLSData{}, Endpoints: map[string]EndpointTLSData{},
} }
var importedMetaFile bool
for _, zf := range zr.File { for _, zf := range zr.File {
fi := zf.FileInfo() fi := zf.FileInfo()
if fi.IsDir() { if fi.IsDir() {
@ -376,6 +380,7 @@ func importZip(name string, s Writer, reader io.Reader) error {
if err := s.CreateOrUpdate(meta); err != nil { if err := s.CreateOrUpdate(meta); err != nil {
return err return err
} }
importedMetaFile = true
} else if strings.HasPrefix(zf.Name, "tls/") { } else if strings.HasPrefix(zf.Name, "tls/") {
f, err := zf.Open() f, err := zf.Open()
if err != nil { if err != nil {
@ -392,7 +397,9 @@ func importZip(name string, s Writer, reader io.Reader) error {
} }
} }
} }
if !importedMetaFile {
return errdefs.InvalidParameter(errors.New("invalid context: no metadata found"))
}
return s.ResetTLSMaterial(name, &tlsData) return s.ResetTLSMaterial(name, &tlsData)
} }

View File

@ -1,6 +1,7 @@
package store package store
import ( import (
"archive/tar"
"archive/zip" "archive/zip"
"bufio" "bufio"
"bytes" "bytes"
@ -144,6 +145,39 @@ func TestDetectImportContentType(t *testing.T) {
assert.Assert(t, zipType != ct) assert.Assert(t, zipType != ct)
} }
func TestImportTarInvalid(t *testing.T) {
testDir, err := ioutil.TempDir("", t.Name())
assert.NilError(t, err)
defer os.RemoveAll(testDir)
tf := path.Join(testDir, "test.context")
f, err := os.Create(tf)
defer f.Close()
assert.NilError(t, err)
tw := tar.NewWriter(f)
hdr := &tar.Header{
Name: "dummy-file",
Mode: 0600,
Size: int64(len("hello world")),
}
err = tw.WriteHeader(hdr)
assert.NilError(t, err)
_, err = tw.Write([]byte("hello world"))
assert.NilError(t, err)
err = tw.Close()
assert.NilError(t, err)
source, err := os.Open(tf)
assert.NilError(t, err)
defer source.Close()
var r io.Reader = source
s := New(testDir, testCfg)
err = Import("tarInvalid", s, r)
assert.ErrorContains(t, err, "invalid context: no metadata found")
}
func TestImportZip(t *testing.T) { func TestImportZip(t *testing.T) {
testDir, err := ioutil.TempDir("", t.Name()) testDir, err := ioutil.TempDir("", t.Name())
assert.NilError(t, err) assert.NilError(t, err)
@ -194,3 +228,31 @@ func TestImportZip(t *testing.T) {
err = Import("zipTest", s, r) err = Import("zipTest", s, r)
assert.NilError(t, err) assert.NilError(t, err)
} }
func TestImportZipInvalid(t *testing.T) {
testDir, err := ioutil.TempDir("", t.Name())
assert.NilError(t, err)
defer os.RemoveAll(testDir)
zf := path.Join(testDir, "test.zip")
f, err := os.Create(zf)
defer f.Close()
assert.NilError(t, err)
w := zip.NewWriter(f)
df, err := w.Create("dummy-file")
assert.NilError(t, err)
_, err = df.Write([]byte("hello world"))
assert.NilError(t, err)
err = w.Close()
assert.NilError(t, err)
source, err := os.Open(zf)
assert.NilError(t, err)
defer source.Close()
var r io.Reader = source
s := New(testDir, testCfg)
err = Import("zipInvalid", s, r)
assert.ErrorContains(t, err, "invalid context: no metadata found")
}