diff --git a/pkg/types/command.go b/pkg/types/command.go index 5ebca3a2..bdda3691 100644 --- a/pkg/types/command.go +++ b/pkg/types/command.go @@ -1,8 +1,10 @@ package types import ( + "errors" "fmt" "os/exec" + "strings" ) type Command struct { @@ -85,11 +87,7 @@ func (c *Command) AddVfkitSocket(socket string) { } func (c *Command) addForwardInfo(flag, value string) { - if _, ok := c.forwardInfo[flag]; ok { - c.forwardInfo[flag] = append(c.forwardInfo[flag], value) - } else { - c.forwardInfo[flag] = []string{value} - } + c.forwardInfo[flag] = append(c.forwardInfo[flag], value) } func (c *Command) AddForwardSock(socket string) { @@ -186,8 +184,26 @@ func (c *Command) ToCmdline() []string { return args } +// validateGvproxyPath ensures the path provided by the user points to a gvproxy +// binary +func validateGvproxyPath(path string) error { + if !strings.ContainsAny(path, "/") && path == "gvproxy" { + return nil + } + + lastSlashIndex := strings.LastIndex(path, "/") + if path[lastSlashIndex+1:] == "gvproxy" { + return nil + } + + return errors.New("Invalid gvproxy binary path: " + path) +} + // Cmd converts Command to a commandline format and returns an exec.Cmd which // can be executed by os/exec -func (c *Command) Cmd(gvproxyPath string) *exec.Cmd { - return exec.Command(gvproxyPath, c.ToCmdline()...) +func (c *Command) Cmd(gvproxyPath string) (*exec.Cmd, error) { + if err := validateGvproxyPath(gvproxyPath); err != nil { + return nil, err + } + return exec.Command(gvproxyPath, c.ToCmdline()...), nil // nolint:gosec } diff --git a/test/basic_test.go b/test/basic_test.go index 86504d6c..bda9d26a 100644 --- a/test/basic_test.go +++ b/test/basic_test.go @@ -217,4 +217,17 @@ var _ = Describe("command-line format", func() { "-pid-file ~/gv-pidfile.txt", })) }) + + It("invalid gvproxy path", func() { + command := types.NewCommand() + _, err := command.Cmd("/usr/bin/gvproxy-wrong") + Expect(err).To(HaveOccurred()) + Expect(err.Error()).To(Equal("Invalid gvproxy binary path: /usr/bin/gvproxy-wrong")) + }) + + It("valid gvproxy path", func() { + command := types.NewCommand() + _, err := command.Cmd("/usr/bin/gvproxy") + Expect(err).ToNot(HaveOccurred()) + }) })