Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecuritySerializer: ensure pack separator will not be conflicted with serialized fields #9010

Merged
merged 2 commits into from May 13, 2024
Merged

SecuritySerializer: ensure pack separator will not be conflicted with serialized fields #9010

merged 2 commits into from May 13, 2024

Conversation

shirsa
Copy link
Contributor

@shirsa shirsa commented May 7, 2024

Note: Before submitting this pull request, please review our contributing
guidelines.

Description

This PR fixes a bug in SecuritySerializer module, where the serialized data may contain the value of the sep used to distinguish between the serialized fields. In that case, the fields split will be incorrect and the signature verify will fail.
Here, I encode binary values to base64, to prevent the data will contain the separator

@shirsa
Copy link
Contributor Author

shirsa commented May 7, 2024

@auvipy @Nusnus
Can you check please?
Thanks :)

@shirsa shirsa force-pushed the main branch 2 times, most recently from 53fc46f to 01f98fb Compare May 7, 2024 11:44
@codecov Codecov
Copy link

codecov bot commented May 7, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.80%. Comparing base (780d3b5) to head (190f2ab).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #9010      +/-   ##
==========================================
- Coverage   77.81%   77.80%   -0.01%     
==========================================
  Files         150      150              
  Lines       18689    18682       -7     
  Branches     3194     3194              
==========================================
- Hits        14543    14536       -7     
  Misses       3854     3854              
  Partials      292      292
Flag Coverage Δ
unittests 77.78% <100.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@auvipy auvipy closed this May 9, 2024
@auvipy auvipy reopened this May 9, 2024
@shirsa shirsa force-pushed the main branch 2 times, most recently from cfdf81f to 756c9d6 Compare May 9, 2024 12:39
@shirsa
Copy link
Contributor Author

shirsa commented May 9, 2024

@auvipy I added a small commit

@auvipy auvipy merged commit 4cf6ba3 into celery:main May 13, 2024
92 checks passed
@auvipy auvipy added this to the 5.4.x milestone May 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thedrow thedrow thedrow approved these changes

@auvipy auvipy auvipy approved these changes

Assignees
No one assigned
Labels
serializer
Projects
None yet
Milestone
5.4.x
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@shirsa @thedrow @auvipy