fix(security): prevent inventory validator overwriting input
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Failing after 19s
CD Pipeline / build-and-deploy (push) Has been skipped
CD Pipeline / post-deploy-checks (push) Has been skipped
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Failing after 19s
CD Pipeline / build-and-deploy (push) Has been skipped
CD Pipeline / post-deploy-checks (push) Has been skipped
This commit is contained in:
@@ -260,6 +260,8 @@ def main() -> int:
|
||||
validation = validate_payload(load_json(args.input))
|
||||
text = json.dumps(validation, ensure_ascii=False, indent=2) + "\n"
|
||||
if args.output:
|
||||
if args.output.resolve() == args.input.resolve():
|
||||
raise SystemExit("output_must_not_equal_input")
|
||||
args.output.parent.mkdir(parents=True, exist_ok=True)
|
||||
args.output.write_text(text, encoding="utf-8")
|
||||
else:
|
||||
|
||||
@@ -72,6 +72,30 @@ def test_rejects_execution_request(tmp_path: Path) -> None:
|
||||
assert validation["operation_boundaries"]["gitea_write_performed"] is False
|
||||
|
||||
|
||||
def test_output_must_not_overwrite_input(tmp_path: Path) -> None:
|
||||
payload_path = tmp_path / "inventory.json"
|
||||
original = json.dumps(valid_payload())
|
||||
payload_path.write_text(original, encoding="utf-8")
|
||||
|
||||
result = subprocess.run(
|
||||
[
|
||||
sys.executable,
|
||||
str(SCRIPT),
|
||||
"--input",
|
||||
str(payload_path),
|
||||
"--output",
|
||||
str(payload_path),
|
||||
],
|
||||
text=True,
|
||||
capture_output=True,
|
||||
check=False,
|
||||
)
|
||||
|
||||
assert result.returncode != 0
|
||||
assert "output_must_not_equal_input" in result.stderr
|
||||
assert payload_path.read_text(encoding="utf-8") == original
|
||||
|
||||
|
||||
def valid_payload() -> dict:
|
||||
repos = [
|
||||
repo("wooo/awoooi"),
|
||||
|
||||
Reference in New Issue
Block a user