github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-26 00:38:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize inputs

Browse Source
This commit is contained in:
Marco Gario
2025-01-24 20:20:10 +00:00
parent 51bb5eb99a
commit ecf723239a
6 changed files with 81 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/start-proxy.test.ts
+28
View File
@@ -80,3 +80,31 @@ test("getCredentials returns all credentials when no language specified", async
);
t.is(credentials.length, 3);
});
test("getCredentials throws an error when non-printable characters are used", async (t) => {
const invalidCredentials = [
{ type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token
{ type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host
{ type: "nuget_feed", host: "3nuget.pkg.github.com", password: "ghi\u0002" }, // Non-printable character in password
{ type: "nuget_feed", host: "4nuget.pkg.github.com", password: "ghi\x00" }, // Non-printable character in password
];
for (const invalidCredential of invalidCredentials) {
const credentialsInput = Buffer.from(
JSON.stringify([invalidCredential]),
).toString("base64");
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
undefined,
),
{
message: "Invalid credentials - fields must contain only printable characters",
},
);
}
});