Skip to content

Commit

Permalink
Merge pull request #103457 from codearky/fix-yaml-terminator-wcomment
Browse files Browse the repository at this point in the history
Add YAML separator validation and avoid silent ignoration

Kubernetes-commit: ace5482c9fd707a29f4626e7d78b4041b994b618
  • Loading branch information
k8s-publishing-bot committed Jul 12, 2021
2 parents ff522ab + f1aad3e commit a644435
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 7 deletions.
18 changes: 11 additions & 7 deletions pkg/util/yaml/decoder.go
Original file line number Diff line number Diff line change
Expand Up @@ -291,15 +291,19 @@ func (r *YAMLReader) Read() ([]byte, error) {
if i := bytes.Index(line, []byte(separator)); i == 0 {
// We have a potential document terminator
i += sep
after := line[i:]
if len(strings.TrimRightFunc(string(after), unicode.IsSpace)) == 0 {
if buffer.Len() != 0 {
return buffer.Bytes(), nil
}
if err == io.EOF {
return nil, err
trimmed := strings.TrimSpace(string(line[i:]))
// We only allow comments and spaces following the yaml doc separator, otherwise we'll return an error
if len(trimmed) > 0 && string(trimmed[0]) != "#" {
return nil, YAMLSyntaxError{
err: fmt.Errorf("invalid Yaml document separator: %s", trimmed),
}
}
if buffer.Len() != 0 {
return buffer.Bytes(), nil
}
if err == io.EOF {
return nil, err
}
}
if err == io.EOF {
if buffer.Len() != 0 {
Expand Down
38 changes: 38 additions & 0 deletions pkg/util/yaml/decoder_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,40 @@ stuff: 1
}
}

func TestDecodeYAMLSeparatorValidation(t *testing.T) {
s := NewYAMLToJSONDecoder(bytes.NewReader([]byte(`---
stuff: 1
--- # Make sure termination happen with inline comment
stuff: 2
---
stuff: 3
--- Make sure uncommented content results YAMLSyntaxError
`)))
obj := generic{}
if err := s.Decode(&obj); err != nil {
t.Fatalf("unexpected error: %v", err)
}
if fmt.Sprintf("%#v", obj) != `yaml.generic{"stuff":1}` {
t.Errorf("unexpected object: %#v", obj)
}
obj = generic{}
if err := s.Decode(&obj); err != nil {
t.Fatalf("unexpected error: %v", err)
}
if fmt.Sprintf("%#v", obj) != `yaml.generic{"stuff":2}` {
t.Errorf("unexpected object: %#v", obj)
}
obj = generic{}
err := s.Decode(&obj)
if err == nil {
t.Fatalf("expected YamlSyntaxError, got nil instead")
}
if _, ok := err.(YAMLSyntaxError); !ok {
t.Fatalf("unexpected error: %v", err)
}
}

func TestDecodeBrokenYAML(t *testing.T) {
s := NewYAMLOrJSONDecoder(bytes.NewReader([]byte(`---
stuff: 1
Expand Down Expand Up @@ -282,6 +316,10 @@ func TestYAMLOrJSONDecoder(t *testing.T) {
{"foo": "bar"},
{"baz": "biz"},
}},
{"---\nfoo: bar\n--- # with Comment\nbaz: biz", 100, false, false, []generic{
{"foo": "bar"},
{"baz": "biz"},
}},
{"foo: bar\n---\n", 100, false, false, []generic{
{"foo": "bar"},
}},
Expand Down

0 comments on commit a644435

Please sign in to comment.