Commit 4a2d358ce6e390038e13d529b218c727ce9a45db - facter

(#6955) Remove relative dirs from fact search path Prior to this commit, relative directories were permitted the search path for facts, which meant that both the user and the path in which facter was run could influence which facts were located. This situation could have led in unintended code being executed. This commit forces all paths (from $LOAD_PATH, ENV["FACTORLIB"] or Facter.search_path) to explicitly be absolute paths. Jeff Weiss 12 years ago

2 changed file(s) with 77 addition(s) and 2 deletion(s). Raw diff Collapse all Expand all

+11

-2

lib/facter/util/loader.rb less more

0	0	require 'facter'
	1	require 'pathname'
1	2
2	3	# Load facts on demand.
3	4	class Facter::Util::Loader
4	5
5	6	def initialize
6	7	@loaded = []
	8	@valid_path = {}
7	9	end
8	10
9	11	# Load all resolutions for a single fact.

52	54	result = []
53	55	result += $LOAD_PATH.collect { \|d\| File.join(d, "facter") }
54	56	if ENV.include?("FACTERLIB")
55		result += ENV["FACTERLIB"].split(":")
	57	result += ENV["FACTERLIB"].split(File::PATH_SEPARATOR)
56	58	end
57	59
58	60	# This allows others to register additional paths we should search.
59	61	result += Facter.search_path
60	62
61		result
	63	result.select { \|dir\| valid_search_path? dir }
62	64	end
	65
	66	def valid_search_path?(path)
	67	return @valid_path[path] unless @valid_path[path].nil?
	68
	69	return @valid_path[path] = Pathname.new(path).absolute?
	70	end
	71	private :valid_search_path?
63	72
64	73	private
65	74

+66

-0

spec/unit/util/loader_spec.rb less more

30	30
31	31	it "should have a method for returning directories containing facts" do
32	32	Facter::Util::Loader.new.should respond_to(:search_path)
	33	end
	34
	35	describe "#valid_seach_path?" do
	36	before do
	37	@loader = Facter::Util::Loader.new
	38	@settings = mock 'settings'
	39	@settings.stubs(:value).returns "/eh"
	40	end
	41
	42	it "should cache the result of a previous check" do
	43	Pathname.any_instance.expects(:absolute?).returns(true).once
	44
	45	# we explicitly want two calls here to check that we get
	46	# the second from the cache
	47	@loader.should be_valid_search_path "/foo"
	48	@loader.should be_valid_search_path "/foo"
	49	end
	50
	51	[
	52	'.',
	53	'..',
	54	'...',
	55	'.foo',
	56	'../foo',
	57	'foo',
	58	'foo/bar',
	59	'foo/../bar',
	60	' ',
	61	' /',
	62	' \/',
	63	].each do \|dir\|
	64
	65	it "should be false for relative path #{dir}" do
	66	@loader.should_not be_valid_search_path dir
	67	end
	68
	69	end
	70
	71	[
	72	'/.',
	73	'/..',
	74	'/...',
	75	'/.foo',
	76	'/../foo',
	77	'/foo',
	78	'/foo/bar',
	79	'/foo/../bar',
	80	'/ ',
	81	'/ /..',
	82	].each do \|dir\|
	83
	84	it "should be true for absolute path #{dir}" do
	85	@loader.should be_valid_search_path dir
	86	end
	87
	88	end
33	89	end
34	90
35	91	describe "when determining the search path" do

41	97
42	98	it "should include the facter subdirectory of all paths in ruby LOAD_PATH" do
43	99	dirs = $LOAD_PATH.collect { \|d\| File.join(d, "facter") }
	100	@loader.stubs(:valid_search_path?).returns(true)
44	101	paths = @loader.search_path
45	102
46	103	dirs.each do \|dir\|
47	104	paths.should be_include(dir)
	105	end
	106	end
	107
	108	it "should exclude invalid search paths" do
	109	dirs = $LOAD_PATH.collect { \|d\| File.join(d, "facter") }
	110	@loader.stubs(:valid_search_path?).returns(false)
	111	paths = @loader.search_path
	112	dirs.each do \|dir\|
	113	paths.should_not be_include(dir)
48	114	end
49	115	end
50	116