Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Faulty regex and usage of to_s triggers unwanted warning #379

Open
mariastroe opened this issue Sep 8, 2021 · 2 comments
Open

Faulty regex and usage of to_s triggers unwanted warning #379

mariastroe opened this issue Sep 8, 2021 · 2 comments
Labels
Triage: Confirmed Indicates and issue has been confirmed as described. Type: Bug Does not work as expected.

Comments

@mariastroe
Copy link

Version:

chef-vault-4.1.3

Environment:

Alpine Linux

Scenario:

As the new version of the chef-vault gem was released (4.1.3), when doing
knife vault create env secrets -M client -J creds.json -A admin1 -C "client1,client2"
it shows a warning
WARN: Value '[{:api_version=>"api/v3", :metadata=>{}, :data=>{:enabled=>true, :groups=>["test"], :password=>"testpass", :username=>"test"}, :type=>"User"}]' of key 'users' contains non-printable characters. Check that backslashes are escaped with another backslash (e.g. C:\\Windows) in double-quoted strings.

Expected Result:

Not printing any warning.
Not printing the value of the key in the warning.
An accurate suggestion in the warning because in my case i don't have any backslashes but actually whitespaces.

Additional Context:

In lib/chef/knife/mixin/helper.rb, the printable? function uses match (which returns a MatchData object when a match is found, or nil if no matches found) instead of match? (which actually returns true if match is found and false if not, as stated in the comments).
Also, because of the usage of to_s in printable?(value.to_s), the value is pretty-printed and matches the [[:space:]] if you have values like "a b c" or like mine (in the scenario above). Leaving the regex just with [^[:print:]] like it was before would solve the problem and not trigger any warning.
@mariastroe mariastroe added Status: Untriaged An issue that has yet to be triaged. Type: Bug Does not work as expected. labels Sep 8, 2021
@vkarve-chef vkarve-chef added Triage: Confirmed Indicates and issue has been confirmed as described. and removed Status: Untriaged An issue that has yet to be triaged. labels Sep 13, 2021
@jkimalane
Copy link

This is a major issue. For example, warning is triggered for nested json objects, which are perfectly valid but due to to_s conversion include spaces as field separators. Another big issue is with valid json strings which contain LF, CR etc escape sequences. According to JSON spec, escape sequences are perfectly valid.

perfectly valid json but vault's validator does not validate as to_s

{
   "dummy": {
       "test1": 1,
       "test2": 2
   }
}

to_s converts the value of the key "dummy" to a string like this {:test1=>1, :test2=>2}

Issue with escape sequences

{
"dummy": "aaaa\naaaa\n"
}

Again perfectly valid json with string value, which includes \n escape sequence. Strict RFC 4627 spec based validator validates this example but once again method validate_json triggers warning.

@jkimalane jkimalane mentioned this issue Dec 2, 2021
Open
10 tasks
@splatteredbits
Copy link

@mariastroe @vkarve-chef The biggest issue here is that the warning leaks/displays the value. Can this get fixed ASAP please?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Triage: Confirmed Indicates and issue has been confirmed as described. Type: Bug Does not work as expected.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@splatteredbits @jkimalane @mariastroe @vkarve-chef