[PUP-10536] Puppet windows package provider fails if there are garbage characters after an embedded NULL - Puppet Jira Server

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: PUP 5.5.21, PUP 6.17.0
Component/s: None
Labels:
- doc_reviewed
- jira_escalated

Team:
Night's Watch
Story Points:
2
Sprint:
NW - 2020-06-10, NW - 2020-06-24

Zendesk Ticket IDs:
38573,39469,43253,50334
Zendesk Ticket Count:
4

Release Notes:
Bug Fix
Release Notes Summary:
Fixed a bug in the windows package provider when reading package version form registry. This happened if there were any garbage characters after the wide null terminator and puppet would fail.

QA Risk Assessment:
Needs Assessment

Description

Puppet scans the registry when retrieving the list of currently installed packages. If one of the registry values it scans contains an embedded null followed by garbage, then puppet will try to transcode from UTF-16LE to UTF-8 and may fail.

A fix for the embedded NULL problem was made in ~~PUP-9639~~. However, it only works if transcoding succeeds.

When reading package names, versions, etc from the registry puppet should read up to the first wide null or the length of the string, whichever comes first, and remove the sanitize method.

If there is a problem reading one of the whitelisted keys, it should print the name of the key in the error message.

To reproduce, import the following registry file whose DisplayVersion is corrupt and try to run puppet:

C:\ProgramData\PuppetLabs>type C:\Users\Administrator\Documents\test.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PUP10536]

"DisplayName"="PUP10536"

"DisplayVersion"=hex(2):31,0,36,0,2e,0,30,0,2e,0,31,0,30,0,33,0,35,0,37,0,2e,0,32,0,30,0,30,0,30,0,32,0,0,0,0,0,0,0,0,0,f3,23,8a,bc,fa,7f,0,0,10,65,74,b9,fa,7f,0,0,90,d8,55,6f,59,0,0,0

C:\ProgramData\PuppetLabs>reg import C:\Users\Administrator\Documents\test.reg

The operation completed successfully.

C:\ProgramData\PuppetLabs>puppet resource package --trace

Error: Could not run: "\x90\xD8" followed by "Uo" on UTF-16LE

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:59:in `encode'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:59:in `read_wide_string'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:237:in `block in read'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:281:in `block (3 levels) in query_value_ex'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:268:in `initialize'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:268:in `new'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:268:in `block (2 levels) in query_value_ex'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:263:in `initialize'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:263:in `new'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:263:in `block in query_value_ex'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:262:in `initialize'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:262:in `new'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:262:in `query_value_ex'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:225:in `read'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:81:in `block (2 levels) in values_by_name'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:29:in `block in from_string_to_wide_string'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:25:in `initialize'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:25:in `new'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/api_types.rb:25:in `from_string_to_wide_string'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:79:in `block in values_by_name'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:78:in `each'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:78:in `values_by_name'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:49:in `block (5 levels) in with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:28:in `block in open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/2.5.0/win32/registry.rb:439:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/2.5.0/win32/registry.rb:546:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:27:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:48:in `block (4 levels) in with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:51:in `block in each_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:49:in `loop'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:49:in `each_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:47:in `block (3 levels) in with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:28:in `block in open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/2.5.0/win32/registry.rb:439:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/2.5.0/win32/registry.rb:546:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/windows/registry.rb:27:in `open'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:46:in `block (2 levels) in with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:43:in `each'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:43:in `block in with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:42:in `each'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:42:in `with_key'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows/package.rb:25:in `each'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows.rb:36:in `map'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/provider/package/windows.rb:36:in `instances'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1205:in `block in instances'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1204:in `collect'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/type.rb:1204:in `instances'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/indirector/resource/ral.rb:24:in `search'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/indirector/indirection.rb:299:in `search'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application/resource.rb:228:in `find_or_save_resources'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application/resource.rb:142:in `block in main'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/context.rb:62:in `override'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet.rb:290:in `override'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application/resource.rb:137:in `main'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application.rb:390:in `run_command'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util.rb:710:in `exit_on_fail'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run'

C:/Program Files/Puppet Labs/Puppet/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'

C:/Program Files/Puppet Labs/Puppet/puppet/bin/puppet:4:in `<main>'

Attachments

Issue Links

relates to

PUP-9639 Windows package resource does not remove trailing whitespace

Resolved

PUP-10943 Windows package provider continues to read DisplayVersion key after embedded NULL

Resolved

mentioned in: Page Loading...

Puppet windows package provider fails if there are garbage characters after an embedded NULL

Details

Description

Attachments

Issue Links

Activity

People

Dates

Zendesk Support