Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
helm
CVE-2024-26147.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2024-26147.patch of Package helm
From 764557c470533fa57aad99f865c9ff75a64d4163 Mon Sep 17 00:00:00 2001 From: Matt Farina <matt.farina@suse.com> Date: Wed, 21 Feb 2024 09:45:58 -0500 Subject: [PATCH] Some fixes Signed-off-by: Matt Farina <matt.farina@suse.com> --- pkg/plugin/plugin.go | 4 ++++ pkg/plugin/plugin_test.go | 6 ++++++ pkg/repo/index.go | 4 ++++ pkg/repo/index_test.go | 4 ++++ 4 files changed, 18 insertions(+) Index: helm-3.13.3/pkg/plugin/plugin.go =================================================================== --- helm-3.13.3.orig/pkg/plugin/plugin.go +++ helm-3.13.3/pkg/plugin/plugin.go @@ -175,6 +175,10 @@ var validPluginName = regexp.MustCompile // validatePluginData validates a plugin's YAML data. func validatePluginData(plug *Plugin, filepath string) error { + // When metadata section missing, initialize with no data + if plug.Metadata == nil { + plug.Metadata = &Metadata{} + } if !validPluginName.MatchString(plug.Metadata.Name) { return fmt.Errorf("invalid plugin name at %q", filepath) } Index: helm-3.13.3/pkg/plugin/plugin_test.go =================================================================== --- helm-3.13.3.orig/pkg/plugin/plugin_test.go +++ helm-3.13.3/pkg/plugin/plugin_test.go @@ -350,6 +350,11 @@ func TestSetupEnvWithSpace(t *testing.T) } func TestValidatePluginData(t *testing.T) { + // A mock plugin missing any metadata. + mockMissingMeta := &Plugin{ + Dir: "no-such-dir", + } + for i, item := range []struct { pass bool plug *Plugin @@ -360,6 +365,7 @@ func TestValidatePluginData(t *testing.T {false, mockPlugin("$foo -bar")}, // Test leading chars {false, mockPlugin("foo -bar ")}, // Test trailing chars {false, mockPlugin("foo\nbar")}, // Test newline + {false, mockMissingMeta}, // Test if the metadata section missing } { err := validatePluginData(item.plug, fmt.Sprintf("test-%d", i)) if item.pass && err != nil { Index: helm-3.13.3/pkg/repo/index.go =================================================================== --- helm-3.13.3.orig/pkg/repo/index.go +++ helm-3.13.3/pkg/repo/index.go @@ -359,6 +359,10 @@ func loadIndex(data []byte, source strin log.Printf("skipping loading invalid entry for chart %q from %s: empty entry", name, source) continue } + // When metadata section missing, initialize with no data + if cvs[idx].Metadata == nil { + cvs[idx].Metadata = &chart.Metadata{} + } if cvs[idx].APIVersion == "" { cvs[idx].APIVersion = chart.APIVersionV1 } Index: helm-3.13.3/pkg/repo/index_test.go =================================================================== --- helm-3.13.3.orig/pkg/repo/index_test.go +++ helm-3.13.3/pkg/repo/index_test.go @@ -69,6 +69,10 @@ entries: name: grafana foo: - + bar: + - digest: "sha256:1234567890abcdef" + urls: + - https://charts.helm.sh/stable/alpine-1.0.0.tgz ` )
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
