security: complete input validation across all tool handlers#8
Merged
Conversation
Apply UUID validation and safe query encoding consistently across all services, not just the three initially hardened (archer, keppel, limes). Fixes: - keystone: validate UUID before delete app credential (path segment) - cinder: validate volume_id before get (path segment) - glance: validate image_id before get (path segment) - designate: validate zone_id in get_zone and list_recordsets - octavia: validate loadbalancer_id before get (path segment) - manila: validate share_id before get (path segment) - barbican: validate secret_id before get (path segment) - ironic: validate node_id via path segment (supports UUID or name) - nova: validate server_id in both get and action handlers - hermes: replace unsafe string concatenation with url.Values encoding, add UUID validation to get_event, add allowlist for list_attributes - castellum: remove duplicate uuidPattern, use shared.ValidateUUID Also adds test coverage for multi-param SafeQueryParams and path traversal encoding.
Merging this branch changes the coverage (9 decrease, 1 increase)
Coverage by fileChanged files (no unit tests)
Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code. Changed unit test files
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
url.Valuesencodinglist_attributesto prevent path traversaluuidPatternfrom Castellum, consolidate onshared.ValidateUUIDContext
PR #7 applied input validation to archer, keppel, and limes. This PR completes the job across all remaining services that embed user-provided values in URL paths or query strings without proper validation.
Handlers Fixed
deleteAppCredentialHandleridgetVolumeHandlervolume_idgetImageHandlerimage_idgetZoneHandlerzone_idlistRecordsetsHandlerzone_idgetLoadbalancerHandlerloadbalancer_idgetShareHandlershare_idgetSecretHandlersecret_idgetNodeHandlernode_idgetServerHandlerserver_idserverActionHandlerserver_idgetEventHandlerevent_idlistAttributesHandlerattributelistEventsHandlerproject_idTest plan
go test ./...passesmake run-golangci-lint— 0 issuesgo build ./...compiles cleanly