Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Git issue #5009 Asset cache can lead to denial of service if asset database is deleted -Fix #5050

Open
wants to merge 9 commits into
base: develop/6
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions CHANGELOG-6.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,11 @@ Versioning](http://semver.org/spec/v2.0.0.html).

## Unreleased

### 2024-02-01

### Fixed
- Assets can now be re-installed when the asset.db file has been deleted.

### Changed
- Upgraded CI Go version to 1.21.3
- Upgraded jwt version to 4.4.3
Expand Down
11 changes: 11 additions & 0 deletions asset/boltdb_manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"encoding/json"
"fmt"
"github.com/spf13/viper"
"os"
"path/filepath"

Expand All @@ -23,6 +24,7 @@ const (
// ExpandDuration is the name of the prometheus summary vec used to track
// average latencies of asset expansion.
ExpandDuration = "sensu_go_asset_expand_duration"
FlagCacheDir = "cache-dir"
)

var (
Expand Down Expand Up @@ -241,6 +243,15 @@ func (b *boltDBAssetManager) expandWithDuration(tmpFile *os.File, asset *corev2.
}))
defer timer.ObserveDuration()

assetSHA := asset.Sha512
CacheDir := viper.GetString(FlagCacheDir)
fullPath := filepath.Join(CacheDir, assetSHA)

if err := os.RemoveAll(fullPath); err != nil {
logger.WithField("assetSHA path", fullPath).WithError(err).
Error("error cleaning up the assetSHA")
}

assetPath = filepath.Join(b.localStorage, asset.Sha512)
return assetPath, b.expander.Expand(tmpFile, assetPath)
}
20 changes: 18 additions & 2 deletions asset/boltdb_manager_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"io"
"io/ioutil"
"os"
"path/filepath"
"testing"

bolt "go.etcd.io/bbolt"
Expand Down Expand Up @@ -222,8 +223,8 @@ func TestFailedExpand(t *testing.T) {

func TestSuccessfulGetAsset(t *testing.T) {
t.Parallel()

tmpFile, err := ioutil.TempFile(os.TempDir(), "asset_test_get_invalid_asset.db")
tmpDir := os.TempDir()
tmpFile, err := ioutil.TempFile(tmpDir, "asset_test_get_invalid_asset.db")
if err != nil {
t.Fatalf("unable to create test boltdb file: %v", err)
}
Expand Down Expand Up @@ -252,6 +253,21 @@ func TestSuccessfulGetAsset(t *testing.T) {
URL: "path",
}

tempAssetFile, err := os.CreateTemp(tmpDir, "asset.db")
if err != nil {
t.Logf("error creating the asset file as %v", err)
}
fi, _ := tempAssetFile.Stat()
if fi.Size() == 0 {
t.Log("asset.db got created corruptly")
err = os.RemoveAll(filepath.Join(tmpDir, a.Sha512))
if err != nil {
t.Logf("issue in deleting the assetSHA due to %v", err)
} else {
t.Log("assetSHA got deleted successfully and now asset will be properly downloaded.")
}
}

runtimeAsset, err := manager.Get(context.TODO(), a)
if err != nil {
t.Logf("expected no error, got: %v", err)
Expand Down
3 changes: 1 addition & 2 deletions asset/expander.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,8 @@ package asset
import (
"errors"
"fmt"
"io"

archiver "github.com/mholt/archiver/v3"
"io"

filetype "gopkg.in/h2non/filetype.v1"
filetype_types "gopkg.in/h2non/filetype.v1/types"
Expand Down
Loading