  1. Puppet
  2. PUP-5770

[std-lib] validate_absolute_path does not detect malicious code injection


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Won't Do
    • Affects Version/s: PUP 3.8.5
    • Fix Version/s: None
    • Component/s: Modules
    • Labels:
      None
    • Environment:

      ubuntu 12.04

      Description

      It appears that validate_absolute_path is not working properly in some situations. For example:

        $testpath = '/usr/bin/;rm -rf /;'
        validate_absolute_path($testpath)
        exec {
          "mkdir ${testpath}":
            returns => 0,
            user => 'root',
          ;
        }
      

      The path validated (incorrectly).

      Another example:

        $testpath = '/*&^ foo\bar#baz /usr/bin/;rm -rf /;'
        validate_absolute_path($testpath)
        exec {
          "mkdir ${testpath}":
            returns => 0,
            user => 'root',
          ;
        }
      

            People

            Assignee:
            Unassigned
            Reporter:
            tonygaetani tony gaetani
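
The gap the report describes, between a value being an absolute path and a value being safe to place in a command string, shown as an added Ruby example (not code from the ticket, from Puppet, or from stdlib). `absolute_posix_path?` is a constructed stand-in that only tests for a leading `/`; `shell_inert_path?`, `mkdir_command` and `mkdir_argv` are hypothetical helper names.

```ruby
require 'shellwords'

# Constructed stand-in for an "is this an absolute POSIX path?" check.
# Assumption: it only tests that the string is rooted at "/"; it is not
# the stdlib implementation.
def absolute_posix_path?(value)
  value.is_a?(String) && value.match?(%r{\A/})
end

# Hypothetical stricter check: an allowlist of characters that carry no
# meaning to a shell. \A and \z anchor the whole string, so text after an
# embedded newline cannot slip past the check.
def shell_inert_path?(value)
  absolute_posix_path?(value) && value.match?(%r{\A/[A-Za-z0-9._/-]*\z})
end

# Quote the value so a shell parses it as exactly one word.
# "--" ends option parsing for mkdir.
def mkdir_command(path)
  "mkdir -- #{Shellwords.escape(path)}"
end

# Argument-vector form: the path is one argv element and no shell parses it.
def mkdir_argv(path)
  ['mkdir', '--', path]
end

# The two values from the report.
SAMPLES = [
  '/usr/bin/;rm -rf /;',
  '/*&^ foo\bar#baz /usr/bin/;rm -rf /;'
].freeze

# One row per input: what each check says, and the quoted command string.
def report(paths)
  paths.map do |p|
    { path: p, absolute: absolute_posix_path?(p),
      inert: shell_inert_path?(p), quoted: mkdir_command(p) }
  end
end

if __FILE__ == $PROGRAM_NAME
  report(SAMPLES + ['/usr/local/bin']).each { |row| puts row.inspect }
end
```

Both reported values pass the rooted-path check and fail the allowlist; after quoting, each parses back as a single argument to `mkdir`.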