Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

puppet: Fix shell escaping in Ruby functions. 

Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg 2023-05-12 17:41:39 -07:00 committed by Anders Kaseorg
parent 614ab533dc
commit cf8ae46291
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
puppet/zulip/lib/puppet/parser/functions/zulipconf.rb
View File

@ -1,9 +1,10 @@
require "shellwords"
module Puppet::Parser::Functions module Puppet::Parser::Functions
newfunction(:zulipconf, :type => :rvalue, :arity => -2) do |args| newfunction(:zulipconf, :type => :rvalue, :arity => -2) do |args|
default = args.pop default = args.pop
joined = args.join(" ")
zulip_conf_path = lookupvar("zulip_conf_path") zulip_conf_path = lookupvar("zulip_conf_path")
output = `/usr/bin/crudini --get #{zulip_conf_path} #{joined} 2>&1`; result = $?.success? output = `/usr/bin/crudini --get -- #{[zulip_conf_path, *args].shelljoin} 2>&1`; result = $?.success?
if result if result
if [true, false].include? default if [true, false].include? default
# If the default is a bool, coerce into a bool. This list is also # If the default is a bool, coerce into a bool. This list is also
@ -19,7 +20,7 @@ module Puppet::Parser::Functions
newfunction(:zulipconf_keys, :type => :rvalue, :arity => 1) do |args| newfunction(:zulipconf_keys, :type => :rvalue, :arity => 1) do |args|
zulip_conf_path = lookupvar("zulip_conf_path") zulip_conf_path = lookupvar("zulip_conf_path")
output = `/usr/bin/crudini --get #{zulip_conf_path} #{args[0]} 2>&1`; result = $?.success? output = `/usr/bin/crudini --get -- #{[zulip_conf_path, args[0]].shelljoin} 2>&1`; result = $?.success?
if result if result
return output.lines.map { |l| l.strip } return output.lines.map { |l| l.strip }
else else
@ -31,12 +32,12 @@ module Puppet::Parser::Functions
section = "nagios" section = "nagios"
prefix = "hosts_" prefix = "hosts_"
zulip_conf_path = lookupvar("zulip_conf_path") zulip_conf_path = lookupvar("zulip_conf_path")
keys = `/usr/bin/crudini --get #{zulip_conf_path} #{section} 2>&1`; result = $?.success? keys = `/usr/bin/crudini --get -- #{[zulip_conf_path, section].shelljoin} 2>&1`; result = $?.success?
if result if result
filtered_keys = keys.lines.map { |l| l.strip }.select { |l| l.start_with?(prefix) } filtered_keys = keys.lines.map { |l| l.strip }.select { |l| l.start_with?(prefix) }
all_values = [] all_values = []
filtered_keys.each do |key| filtered_keys.each do |key|
values = `/usr/bin/crudini --get #{zulip_conf_path} #{section} #{key} 2>&1`; result = $?.success? values = `/usr/bin/crudini --get -- #{[zulip_conf_path, section, key].shelljoin} 2>&1`; result = $?.success?
if result if result
all_values += values.strip.split(/,\s*/) all_values += values.strip.split(/,\s*/)
end end

3
puppet/zulip/lib/puppet/parser/functions/zulipsecret.rb
View File

@ -1,8 +1,7 @@
module Puppet::Parser::Functions module Puppet::Parser::Functions
newfunction(:zulipsecret, :type => :rvalue) do |args| newfunction(:zulipsecret, :type => :rvalue) do |args|
default = args.pop default = args.pop
joined = args.join(" ") output = `/usr/bin/crudini --get /etc/zulip/zulip-secrets.conf #{args.shelljoin} 2>&1`; result = $?.success?
output = `/usr/bin/crudini --get /etc/zulip/zulip-secrets.conf #{joined} 2>&1`; result = $?.success?
if result if result
output.strip() output.strip()
else else