Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed problem escaping string in JSON #347

Merged
merged 3 commits into from
Nov 13, 2020
Merged

Fixed problem escaping string in JSON #347

merged 3 commits into from
Nov 13, 2020

Conversation

sanga1794
Copy link
Contributor

@sanga1794 sanga1794 commented May 27, 2020
edited
Loading

Signed-off-by: sanga17 sausekar@msystechnologies.com

Description

knife vault : Problem escaping string in JSON

Related Issue

fixed: #346

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

  • I have read the CONTRIBUTING document.
  • I have run the pre-merge tests locally and they pass.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • All commits have been signed-off for the Developer Certificate of Origin.

@sanga1794 sanga1794 requested a review from a team May 27, 2020 10:56
@sanga1794 sanga1794 changed the title WIP: Fixed problem escaping string in JSON Fixed problem escaping string in JSON May 28, 2020
@dheerajd-msys
Copy link

@btm @tas50 @lamont-granquist Please review the change.
Thanks!!

phiggins
phiggins reviewed Jul 29, 2020
View reviewed changes
lib/chef/knife/mixin/helper.rb
evaled_json = eval(json)
rescue StandardError => e
puts e.message
end
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does calling eval on the json do, and what would cause a failure that is not fatal?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @phiggins, as our vault json contents string with an hash format, using eval converting to the hash.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a scenario where eval can fail and evaled_json is still a valid value?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As in vault we accept only hash format, there is less possibility of failing the eval method.

phiggins
phiggins reviewed Jul 29, 2020
View reviewed changes
lib/chef/knife/mixin/helper.rb Outdated
@@ -27,6 +27,7 @@ def set_mode(mode)
def merge_values(json, file)
values = {}
values.merge!(values_from_file(file)) if file
validate_json(json)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this validation be moved into values_from_json, so that bad values in json files will get caught in values_from_file?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, will move it, thanks

phiggins
phiggins reviewed Jul 29, 2020
View reviewed changes
lib/chef/knife/mixin/helper.rb Outdated
return false if string =~ /[^[:print:]]/
true
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
return false if string =~ /[^[:print:]]/
true
/[^[:print:]]/.match?(string)

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this can be reduced to one line and it is only used in one place, I think it's appropriate to inline this code instead of having a function.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok will update it, thanks @phiggins

phiggins
phiggins reviewed Jul 29, 2020
View reviewed changes
lib/chef/knife/mixin/helper.rb
msg = "Value '#{value}' of key '#{key}' contains non-printable characters. Check that backslashes are escaped with another backslash (e.g. C:\\\\Windows) in double-quoted strings."
raise ChefVault::Exceptions::InvalidValue, msg
end
end
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will fail unless all of the values of the json are strings. That is, { ids: [1,2,3] }, or { id: 2 } will cause this to fail. Will the json always be in that format, or should this code try to handle those cases?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes @phiggins, it will work only for string values. any way to handle other formats?

@phiggins
Copy link

Some unit tests would be good to demonstrate what's being fixed in this PR.

@tas50
Copy link
Contributor

tas50 commented Aug 3, 2020

@sanga1794 you'll need to rebase this since the commit that came from the UI lacks a DCO sign off.

@sanga1794 sanga1794 requested a review from a team as a code owner August 4, 2020 04:28
@sanga1794 sanga1794 force-pushed the sangmeshA/Fix_Problem_escaping_string_in_JSON branch from 57322d5 to c578b72 Compare August 4, 2020 04:34
@kagarmoe kagarmoe removed the request for review from a team August 6, 2020 22:46
sanga1794 and others added 3 commits October 28, 2020 14:39
@sanga1794
Fixed problem escaping string in JSON
2e0ee1b 
Signed-off-by: sanga17 <sausekar@msystechnologies.com>
@sanga1794
updated comment message
7551daa 
Signed-off-by: sanga17 <sausekar@msystechnologies.com>
@sanga1794
Handled syntax error also refactored code and added test cases for th…
cd450db 
…e changes

Signed-off-by: sanga17 <sausekar@msystechnologies.com>
@sanga1794 sanga1794 force-pushed the sangmeshA/Fix_Problem_escaping_string_in_JSON branch from c578b72 to cd450db Compare October 30, 2020 13:00
@tas50 tas50 merged commit 6e28514 into chef:master Nov 13, 2020
@josqu4red
Copy link

josqu4red commented May 11, 2021
edited
Loading

Hello,
This change prevents using multi-line strings, such as PEM data, which worked fine before.
JSON parser is responsible for raising errors on invalid JSON, so I don't understand why this has been introduced :(
It should IMHO be reverted.

This was referenced May 28, 2021
Closed
Closed
@jblaine
Copy link

jblaine commented Jun 30, 2021

@tas50 and @phiggins : This should not have been merged and should be reverted or redone. Valid JSON-spec strings are now rejected if they have completely JSON-valid escape sequences in them like {"foo": "bar\nbaz"} . Please see josqu4red's accurate comment directly above, the new open issues about it above, and https://chefcommunity.slack.com/archives/CAUSHGN3U/p1623868837065100 (time-sensitive link due to free slack tier).

@josqu4red josqu4red mentioned this pull request Jul 1, 2021
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phiggins phiggins phiggins approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

knife vault : Problem escaping string in JSON
6 participants
@sanga1794 @dheerajd-msys @phiggins @tas50 @josqu4red @jblaine