fix: escape quotes/newlines in YAML and gitconfig emitters
test / unit (pull_request) Successful in 35s
test / integration (pull_request) Successful in 17s
lint / lint (push) Successful in 1m48s
test / unit (push) Successful in 32s
test / integration (push) Successful in 16s
Update Quality Badges / update-badges (push) Successful in 1m18s
test / unit (pull_request) Successful in 35s
test / integration (pull_request) Successful in 17s
lint / lint (push) Successful in 1m48s
test / unit (push) Successful in 32s
test / integration (push) Successful in 16s
Update Quality Badges / update-badges (push) Successful in 1m18s
Closes #258. `egress_render_routes` and `_render_match_entry` now pass all manifest strings (host, auth_scheme, token_env, path/header values) through `_yaml_str_escape` before interpolating into double-quoted YAML scalars, preventing stray `"` or newlines from corrupting routes.yaml. `git_gate_render_gitconfig` now calls `_gitconfig_validate_value` on each Upstream value (and the derived alias) before writing the `insteadOf` line, rejecting any value containing a newline that would inject arbitrary gitconfig keys.
This commit was merged in pull request #276.
This commit is contained in:
@@ -8,6 +8,7 @@ import unittest
|
||||
|
||||
from bot_bottle.git_gate import (
|
||||
GIT_GATE_HOSTNAME,
|
||||
_gitconfig_validate_value,
|
||||
git_gate_render_gitconfig,
|
||||
)
|
||||
from bot_bottle.manifest import ManifestIndex
|
||||
@@ -90,5 +91,42 @@ class TestGitGateGitconfigRender(unittest.TestCase):
|
||||
self.assertNotIn("gitea.dideric.is", out)
|
||||
|
||||
|
||||
class TestGitconfigValidateValue(unittest.TestCase):
|
||||
"""_gitconfig_validate_value rejects values that would inject gitconfig keys."""
|
||||
|
||||
def test_normal_url_passes(self):
|
||||
_gitconfig_validate_value("url", "ssh://git@github.com/owner/repo.git")
|
||||
|
||||
def test_newline_in_url_raises(self):
|
||||
with self.assertRaises(ValueError):
|
||||
_gitconfig_validate_value("url", "ssh://git@github.com/owner/\nrepo.git")
|
||||
|
||||
def test_carriage_return_in_url_raises(self):
|
||||
with self.assertRaises(ValueError):
|
||||
_gitconfig_validate_value("url", "ssh://git@github.com/\rrepo.git")
|
||||
|
||||
def test_error_message_names_field(self):
|
||||
with self.assertRaises(ValueError, msg="error should name the field") as ctx:
|
||||
_gitconfig_validate_value("repos['bad'].url", "ssh://host/\npath")
|
||||
self.assertIn("repos['bad'].url", str(ctx.exception))
|
||||
|
||||
|
||||
class TestGitconfigRenderRejectsNewlineInUpstream(unittest.TestCase):
|
||||
"""git_gate_render_gitconfig raises on Upstream values with newlines."""
|
||||
|
||||
def test_newline_in_upstream_raises(self):
|
||||
m = ManifestIndex.from_json_obj({
|
||||
"bottles": {"dev": {"git-gate": {"repos": {
|
||||
"evil": {
|
||||
"url": "ssh://git@github.com/owner/\nfake-key = injected\nrepo.git",
|
||||
"key": {"provider": "static", "path": "/dev/null"},
|
||||
},
|
||||
}}}},
|
||||
"agents": {"demo": {"skills": [], "prompt": "", "bottle": "dev"}},
|
||||
})
|
||||
with self.assertRaises(ValueError):
|
||||
git_gate_render_gitconfig(m.bottles["dev"].git, GIT_GATE_HOSTNAME)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
unittest.main()
|
||||
|
||||
Reference in New Issue
Block a user