Puppet / PUP-5770

[std-lib] validate_absolute_path does not detect malicious code injection


Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Won't Do
    • Affects Version/s: PUP 3.8.5
    • Fix Version/s: None
    • Component/s: Modules
    • Labels: None
    • Environment: ubuntu 12.04

    Description

      It appears that validate_absolute_path is not working properly in some situations. For example:

        $testpath = '/usr/bin/;rm -rf /;'
        validate_absolute_path($testpath)
        exec {
          "mkdir ${testpath}":
            returns => 0,
            user => 'root',
          ;
        }
      

      The path validated (incorrectly).

      Another example:

        $testpath = '/*&^ foo\bar#baz /usr/bin/;rm -rf /;'
        validate_absolute_path($testpath)
        exec {
          "mkdir ${testpath}":
            returns => 0,
            user => 'root',
          ;
        }
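
      Added example, not part of the original report and not stdlib's code: a simplified Ruby stand-in for an absolute-path check shows why both values above pass (each is syntactically an absolute path), next to a stricter allowlist and shell quoting for values that end up on a command line. The function names, the allowlist and `/bin/mkdir` are assumptions made for illustration.

```ruby
require 'shellwords'

# The two values from the report above.
REPORTED = ['/usr/bin/;rm -rf /;', '/*&^ foo\bar#baz /usr/bin/;rm -rf /;'].freeze

# Simplified stand-in for an "is this an absolute POSIX path?" test.
# Assumption: not stdlib's implementation, only the same kind of syntactic check.
def absolute_posix_path?(value)
  value.is_a?(String) && value.start_with?('/') && !value.include?("\0")
end

# Hypothetical allowlist for a path that will be placed on a command line:
# absolute, components limited to [A-Za-z0-9._-], no "." or ".." components.
SAFE_COMPONENT = /\A[A-Za-z0-9._-]+\z/

def safe_command_path?(value)
  return false unless absolute_posix_path?(value)
  parts = value.split('/', -1).drop(1) # drop the empty string before the leading "/"
  parts.pop if parts.last == ''        # tolerate a single trailing slash
  !parts.empty? && parts.all? { |p| p.match?(SAFE_COMPONENT) && !%w[. ..].include?(p) }
end

# Argument vector for mkdir: no shell parses it, and "--" ends option parsing.
def mkdir_argv(path)
  raise ArgumentError, "unsafe path: #{path.inspect}" unless safe_command_path?(path)
  ['/bin/mkdir', '--', path]
end

# When a single command string is unavoidable, quote the value so the shell
# sees it as one word instead of extra commands.
def mkdir_command_line(path)
  "/bin/mkdir -- #{Shellwords.escape(path)}"
end

if __FILE__ == $PROGRAM_NAME
  (REPORTED + ['/usr/local/example']).each do |p|
    puts format('%-40s absolute=%-5s safe=%-5s', p.inspect, absolute_posix_path?(p), safe_command_path?(p))
  end
end
```

      Almost any byte is legal in a POSIX file name, so a check that a string is an absolute path says nothing about whether it is safe to interpolate into a command.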
      

          People

            Assignee: Unassigned
            Reporter: tony gaetani (tonygaetani)