search

pulp / pulp-certguard

Pulp plugin that provides an x.509 certificate based content-guard.
GNU General Public License v2.0
3 stars 26 forks source link

The `ca_certificate` field is not properly sanitized by the serializer #232

Closed lubosmj closed 1 year ago

lubosmj commented 1 year ago 
curl -X POST -H 'Authorization: Basic YWRtaW46cGFzc3dvcmQ=' -d ca_certificate=0 http://localhost:5001/pulp/api/v3/contentguards/certguard/x509/
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.8/site-packages/django/core/handlers/base.py", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/viewsets.py", line 125, in view
    return self.dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/views.py", line 509, in dispatch
    response = self.handle_exception(exc)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/views.py", line 469, in handle_exception
    self.raise_uncaught_exception(exc)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
    raise exc
  File "/usr/local/lib/python3.8/site-packages/rest_framework/views.py", line 506, in dispatch
    response = handler(request, *args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/mixins.py", line 18, in create
    serializer.is_valid(raise_exception=True)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/serializers.py", line 227, in is_valid
    self._validated_data = self.run_validation(self.initial_data)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/serializers.py", line 426, in run_validation
    value = self.to_internal_value(data)
  File "/usr/local/lib/python3.8/site-packages/rest_framework/serializers.py", line 485, in to_internal_value
    validated_value = validate_method(validated_value)
  File "/src/pulp_certguard/pulp_certguard/app/serializers.py", line 27, in validate_ca_certificate
    openssl.load_certificate(openssl.FILETYPE_PEM, buffer=ca_certificate)
  File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1998, in load_certificate
    _raise_current_error()
  File "/usr/local/lib/python3.8/site-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.crypto.Error: [('PEM routines', '', 'no start line')]