author | vkalintiris <vasilis@netdata.cloud> | 2022-11-29 17:26:35 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-29 17:26:35 +0200 |
commit | 4de2ce54d59a4128425f8dde5924eed4fc6dad97 (patch) | |
tree | 698f01c9f404468887d4ae4ff797c3cef8c7ce21 /daemon | |
parent | 462988dac901e95e765cd6be2dc24a5c33595526 (diff) |
Sanitize command arguments. (#14064)
* Sanitize bash arguments.
Remove leading dashes and escape single quotes in command arguments.
* Quote expanded variable in test
Diffstat (limited to 'daemon')
-rw-r--r-- | daemon/main.c | 3 | ||||
-rw-r--r-- | daemon/unit_test.c | 55 | ||||
-rw-r--r-- | daemon/unit_test.h | 4 |
3 files changed, 62 insertions, 0 deletions
diff --git a/daemon/main.c b/daemon/main.c
index 67d24d6977..6b591385d6 100644
--- a/daemon/main.c
+++ b/daemon/main.c
@@ -1024,6 +1024,9 @@ int main(int argc, char **argv) {
 fprintf(stderr, "\n\nALL TESTS PASSED\n\n");
 return 0;
 }
+ else if(strcmp(optarg, "escapetest") == 0) {
+ return command_argument_sanitization_tests();
+ }
 #ifdef ENABLE_ML_TESTS
 else if(strcmp(optarg, "mltest") == 0) {
 return test_ml(argc, argv);
diff --git a/daemon/unit_test.c b/daemon/unit_test.c
index be50960196..f698618695 100644
--- a/daemon/unit_test.c
+++ b/daemon/unit_test.c
@@ -2,6 +2,61 @@
 #include "common.h"
+static bool cmd_arg_sanitization_test(const char *expected, const char *src, char *dst, size_t dst_size) {
+ bool ok = sanitize_command_argument_string(dst, src, dst_size);
+
+ if (!expected)
+ return ok == false;
+
+ return strcmp(expected, dst) == 0;
+}
+
+bool command_argument_sanitization_tests() {
+ char dst[1024];
+
+ for (size_t i = 0; i != 5; i++) {
+ const char *expected = i == 4 ? "'\\''" : NULL;
+ if (cmd_arg_sanitization_test(expected, "'", dst, i) == false) {
+ fprintf(stderr, "expected: >>>%s<<<, got: >>>%s<<<\n", expected, dst);
+ return 1;
+ }
+ }
+
+ for (size_t i = 0; i != 9; i++) {
+ const char *expected = i == 8 ? "'\\'''\\''" : NULL;
+ if (cmd_arg_sanitization_test(expected, "''", dst, i) == false) {
+ fprintf(stderr, "expected: >>>%s<<<, got: >>>%s<<<\n", expected, dst);
+ return 1;
+ }
+ }
+
+ for (size_t i = 0; i != 7; i++) {
+ const char *expected = i == 6 ? "'\\''a" : NULL;
+ if (cmd_arg_sanitization_test(expected, "'a", dst, i) == false) {
+ fprintf(stderr, "expected: >>>%s<<<, got: >>>%s<<<\n", expected, dst);
+ return 1;
+ }
+ }
+
+ for (size_t i = 0; i != 7; i++) {
+ const char *expected = i == 6 ? "a'\\''" : NULL;
+ if (cmd_arg_sanitization_test(expected, "a'", dst, i) == false) {
+ fprintf(stderr, "expected: >>>%s<<<, got: >>>%s<<<\n", expected, dst);
+ return 1;
+ }
+ }
+
+ for (size_t i = 0; i != 22; i++) {
+ const char *expected = i == 21 ? "foo'\\''a'\\'''\\'''\\''b" : NULL;
+ if (cmd_arg_sanitization_test(expected, "--foo'a'''b", dst, i) == false) {
+ fprintf(stderr, "expected: >>>%s<<<, got: >>>%s<<<\n length: %zu\n", expected, dst, strlen(dst));
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
 static int check_number_printing(void) {
 struct {
 NETDATA_DOUBLE n;
diff --git a/daemon/unit_test.h b/daemon/unit_test.h
index dab1368b6c..f79bd5c403 100644
--- a/daemon/unit_test.h
+++ b/daemon/unit_test.h
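Review bot: `cmd_arg_sanitization_test` ignores `ok` whenever `expected` is non-NULL, so a sanitizer that reports failure but happens to leave the right bytes in `dst` still passes; `return ok && strcmp(expected, dst) == 0;` checks both. In `command_argument_sanitization_tests`, `dst` is never initialized and the failure path prints it with `%s` next to an `expected` that is NULL on every iteration but the last, so a failing undersized case reads indeterminate memory and hands NULL to `%s`; `char dst[1024] = "";` and `expected ? expected : "(null)"` avoid both. Every call passes the same 1024-byte array, so a write past `dst_size` would go unnoticed (the sanitizer itself is not visible here); setting a sentinel byte at `dst[i]` before each call and checking it afterwards would make the truncation cases test the bound itself. The function is declared `bool` yet returns 1 on failure and 0 on success, which works only because `main` uses the value as an exit status; returning `int` would match the other test entry points.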
@@ -3,6 +3,8 @@
 #ifndef NETDATA_UNIT_TEST_H
 #define NETDATA_UNIT_TEST_H 1
+#include "stdbool.h"
+
 int unit_test_storage(void);
 int unit_test(long delay, long shift);
 int run_all_mockup_tests(void);
@@ -19,4 +21,6 @@ void dbengine_stress_test(unsigned TEST_DURATION_SEC, unsigned DSET_CHARTS, unsi
 #endif
+bool command_argument_sanitization_tests();
+
 #endif /* NETDATA_UNIT_TEST_H */ |
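Review bot: `bool command_argument_sanitization_tests();` in the second hunk has an empty parameter list, which in C before C23 declares a function with unspecified arguments rather than a prototype, so a call with stray arguments is not diagnosed. `bool command_argument_sanitization_tests(void);` matches the `(void)` declarations already in this header, and the definition in unit_test.c should follow suit. In the first hunk, `#include "stdbool.h"` uses the quoted form, which searches the including file's directory before the system paths; `#include <stdbool.h>` is the usual spelling for a standard header.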