T203885-2.patch

Authored By
Bawolff
Sep 13 2018, 1:34 AM

From ee8ac2ea3b90f1bc475c2d3f751e97c93014e32d Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Thu, 13 Sep 2018 01:28:38 +0000
Subject: [PATCH] SECURITY: Fix escaping of "runas" users on Special:NovaSudoer
Follow up to 7fc78b686dbe6. Unfortunately the previous patch
missed a case.
Bug: T203885
---
composer.json | 2 +-
special/SpecialNovaSudoer.php | 24 +++++++++++++++++-------
2 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/composer.json b/composer.json
index 30df9cf..cbd40fc 100644
--- a/composer.json
+++ b/composer.json
@@ -20,6 +20,6 @@
]
},
"extra": {
- "phan-taint-check-plugin": "1.4.0"
+ "phan-taint-check-plugin": "1.5.0"
}
}
diff --git a/special/SpecialNovaSudoer.php b/special/SpecialNovaSudoer.php
index 9163828..f75c0f4 100644
--- a/special/SpecialNovaSudoer.php
+++ b/special/SpecialNovaSudoer.php
@@ -280,6 +280,11 @@ class SpecialNovaSudoer extends SpecialNova {
return true;
}
+ /**
+ * @param $projectName
+ * @param $sudoer
+ * @return-taint onlysafefor_html
+ */
function getSudoUsers( $projectName, $sudoer = null ) {
$project = OpenStackNovaProject::getProjectByName( $projectName );
$projectuids = $project->getMemberUids();
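Review bot: The added `@return-taint onlysafefor_html` marks the whole return value of getSudoUsers as HTML-safe, yet the escaping introduced by this patch (see the third hunk, in getSudoRunAsUsers) is applied only to array keys while the values remain raw UIDs and service-user names; if phan-taint-check cannot express key/value taint separately, the docblock should say so, e.g. `Only the array keys of 'keys' are HTML-escaped (they are emitted as labels); the values are raw UIDs and must be escaped by the caller for any other context.` The `@param` tags also carry no types, which is what the typed form `@param string $projectName` and `@param string|null $sudoer` would fix. The same two points apply to the docblock added to getSudoRunAsUsers in the next hunk. The body of getSudoUsers continues beyond this hunk, so whether its own keys are escaped is not visible here.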
@@ -319,6 +324,11 @@ class SpecialNovaSudoer extends SpecialNova {
return [ 'keys' => $user_keys, 'defaults' => $user_defaults ];
}
+ /**
+ * @param $projectName
+ * @param $sudoer
+ * @return-taint onlysafefor_html
+ */
function getSudoRunAsUsers( $projectName, $sudoer = null ) {
$project = OpenStackNovaProject::getProjectByName( $projectName );
$projectuids = $project->getMemberUids();
@@ -335,30 +345,30 @@ class SpecialNovaSudoer extends SpecialNova {
# 'ALL' includes all possible users, including system users and service users.
$runas_keys['ALL'] = 'ALL';
if ( in_array( 'ALL', $runasmembers ) ) {
- $runas_defaults['ALL'] = 'ALL';
+ $runas_defaults[] = 'ALL';
}
# A safer option is 'all project members'
$projectGroup = "%" . $project->getProjectGroupName();
$all_members = $this->msg( 'openstackmanager-allmembers' )->text();
- $runas_keys[$all_members] = $all_members;
+ $runas_keys[htmlspecialchars( $all_members )] = $all_members;
if ( in_array( $projectGroup, $runasmembers ) ) {
- $runas_defaults[$all_members] = $all_members;
+ $runas_defaults[] = $all_members;
}
foreach ( $projectuids as $userUid ) {
$projectmember = $project->memberForUid( $userUid );
- $runas_keys[$projectmember] = $userUid;
+ $runas_keys[htmlspecialchars( $projectmember )] = $userUid;
if ( in_array( $userUid, $runasmembers ) ) {
- $runas_defaults[$projectmember] = $userUid;
+ $runas_defaults[] = $userUid;
}
}
foreach ( $projectserviceusers as $serviceuser ) {
- $runas_keys[$serviceuser] = $serviceuser;
+ $runas_keys[htmlspecialchars( $serviceuser )] = $serviceuser;
if ( in_array( $serviceuser, $runasmembers ) ) {
- $runas_defaults[$serviceuser] = $serviceuser;
+ $runas_defaults[] = $serviceuser;
}
}
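Review bot: The three `in_array( …, $runasmembers )` checks on the `if` lines are unchanged and still use loose comparison, so the membership test depends on PHP's string/number coercion rules rather than on the exact UID; `if ( in_array( $userUid, $runasmembers, true ) ) {` (and likewise for `$projectGroup` and `$serviceuser`) pins it to identity. The new `htmlspecialchars( $projectmember )` calls rely on the default flags, which do not escape single quotes; that is sufficient for element text but not for an attribute, so spelling out `htmlspecialchars( $projectmember, ENT_QUOTES )` documents the intended context and removes the dependence on the default. getSudoRunAsUsers continues past this hunk, where the escaped keys and the now list-shaped $runas_defaults are presumably returned.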
--
2.8.1
