Merge pull request from GHSA-r53h-jv2g-vpx6

Some fixes
pull/12814/head
Matt Farina 10 months ago committed by GitHub
commit bb4cc91255
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -175,6 +175,10 @@ var validPluginName = regexp.MustCompile("^[A-Za-z0-9_-]+$")
// validatePluginData validates a plugin's YAML data.
func validatePluginData(plug *Plugin, filepath string) error {
// When metadata section missing, initialize with no data
if plug.Metadata == nil {
plug.Metadata = &Metadata{}
}
if !validPluginName.MatchString(plug.Metadata.Name) {
return fmt.Errorf("invalid plugin name at %q", filepath)
}

@ -353,6 +353,11 @@ func TestSetupEnvWithSpace(t *testing.T) {
}
func TestValidatePluginData(t *testing.T) {
// A mock plugin missing any metadata.
mockMissingMeta := &Plugin{
Dir: "no-such-dir",
}
for i, item := range []struct {
pass bool
plug *Plugin
@ -363,6 +368,7 @@ func TestValidatePluginData(t *testing.T) {
{false, mockPlugin("$foo -bar")}, // Test leading chars
{false, mockPlugin("foo -bar ")}, // Test trailing chars
{false, mockPlugin("foo\nbar")}, // Test newline
{false, mockMissingMeta}, // Test if the metadata section missing
} {
err := validatePluginData(item.plug, fmt.Sprintf("test-%d", i))
if item.pass && err != nil {

@ -359,6 +359,10 @@ func loadIndex(data []byte, source string) (*IndexFile, error) {
log.Printf("skipping loading invalid entry for chart %q from %s: empty entry", name, source)
continue
}
// When metadata section missing, initialize with no data
if cvs[idx].Metadata == nil {
cvs[idx].Metadata = &chart.Metadata{}
}
if cvs[idx].APIVersion == "" {
cvs[idx].APIVersion = chart.APIVersionV1
}

@ -70,6 +70,10 @@ entries:
name: grafana
foo:
-
bar:
- digest: "sha256:1234567890abcdef"
urls:
- https://charts.helm.sh/stable/alpine-1.0.0.tgz
`
)

Loading…
Cancel
Save