ahuston-0/hydra
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Helper/Nix: constructRunCommandLogPath: verify uuid is valid

Browse Source 
This shouldn't be possible normally, but it is possible to:

    $db->resultset('RunCommandLogs')->new({ uuid => "../etc/passwd" });

if you have access to the `$db`.
This commit is contained in:
Cole Helbling
2022-01-28 12:45:12 -08:00
parent e381751564
commit 61189ecca9
3 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/lib/Hydra/Helper/Nix.pm
View File

@ -13,6 +13,7 @@ use Nix::Store;
use Encode;
use Sys::Hostname::Long;
use IPC::Run;
use UUID4::Tiny qw(is_uuid4_string);
our @ISA = qw(Exporter);
our @EXPORT = qw(
@ -592,17 +593,16 @@ sub isLocalStore {
sub constructRunCommandLogPath {
my ($runlog) = @_;
my $path = undef;
my $uuid = $runlog->uuid;
eval {
my $uuid = $runlog->uuid;
my $hydra_path = Hydra::Model::DB::getHydraPath;
my $bucket = substr($uuid, 0, 2);
if (!is_uuid4_string($uuid)) {
die "UUID was invalid."
}
$path = "$hydra_path/runcommand-logs/$bucket/$uuid";
};
my $hydra_path = Hydra::Model::DB::getHydraPath;
my $bucket = substr($uuid, 0, 2);
return $path;
return "$hydra_path/runcommand-logs/$bucket/$uuid";
}
1;