github.com/Venafi/vcert/v5@v5.10.2/pkg/playbook/util/capistore/helper.go (about) 1 //go:build windows 2 3 /* 4 * Copyright 2023 Venafi, Inc. 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package capistore 20 21 import ( 22 _ "embed" 23 "fmt" 24 "os" 25 "regexp" 26 "strings" 27 28 "github.com/pkg/errors" 29 "go.uber.org/zap" 30 ) 31 32 const validInputRegex string = `^[A-Za-z0-9\s-_\.]+$` // regex for validating keystore and binding fields to prevent commandline injection 33 34 func psBool(b bool) string { 35 if b { 36 return "1" // Represents True 37 } 38 return "0" // Represents False 39 } 40 41 func containsInjectableData(value string) error { 42 if len(value) == 0 { 43 return nil 44 } 45 46 re := regexp.MustCompile(validInputRegex) 47 if !re.MatchString(value) { 48 return errors.New("the input contained invalid characters") 49 } 50 return nil 51 } 52 53 func copyScript(script, scriptPath string) error { 54 input := []byte(script) 55 56 err := os.WriteFile(scriptPath, input, 0644) 57 if err != nil { 58 zap.L().Error("error creating script file") 59 return err 60 } 61 62 return nil 63 } 64 65 func quoteIfNeeded(s string) string { 66 if strings.ContainsAny(s, "\t ") && !strings.HasSuffix(s, "'") && !strings.HasPrefix(s, "'") { 67 return fmt.Sprintf("'%s'", s) 68 } 69 return s 70 }