From 7697e6e344809ab4603d0764fb8a969c2bbaf3b6 Mon Sep 17 00:00:00 2001 From: James Hegedus Date: Fri, 30 Jul 2021 08:49:01 +1000 Subject: [PATCH] fix: regex validate plugin names on plugin add cmd (#1010) --- lib/commands/command-plugin-add.bash | 7 ++- lib/commands/command-plugin-test.bash | 2 +- .../fixtures/dummy_plugin/bin/post-plugin-add | 2 +- test/plugin_add_command.bats | 55 +++++++++++++------ test/plugin_update_command.bats | 2 +- 5 files changed, 47 insertions(+), 21 deletions(-) diff --git a/lib/commands/command-plugin-add.bash b/lib/commands/command-plugin-add.bash index afc1caf78..68f30fa37 100644 --- a/lib/commands/command-plugin-add.bash +++ b/lib/commands/command-plugin-add.bash @@ -2,12 +2,17 @@ plugin_add_command() { if [[ $# -lt 1 || $# -gt 2 ]]; then - display_error "usage: asdf plugin-add []" + display_error "usage: asdf plugin add []" exit 1 fi local plugin_name=$1 + if ! printf "%s" "$plugin_name" | grep --quiet --extended-regexp "^[a-zA-Z0-9_-]+$"; then + display_error "$plugin_name is invalid. Name must match regex ^[a-zA-Z0-9_-]+$" + exit 1 + fi + if [ -n "$2" ]; then local source_url=$2 else diff --git a/lib/commands/command-plugin-test.bash b/lib/commands/command-plugin-test.bash index e95e63a7d..a4a542655 100644 --- a/lib/commands/command-plugin-test.bash +++ b/lib/commands/command-plugin-test.bash @@ -57,7 +57,7 @@ plugin_test_command() { # shellcheck disable=SC1090 . "$ASDF_DIR/asdf.sh" - if ! (asdf plugin-add "$plugin_name" "$plugin_url"); then + if ! (asdf plugin add "$plugin_name" "$plugin_url"); then fail_test "could not install $plugin_name from $plugin_url" fi diff --git a/test/fixtures/dummy_plugin/bin/post-plugin-add b/test/fixtures/dummy_plugin/bin/post-plugin-add index 0e7d330e6..8a57d87f2 100755 --- a/test/fixtures/dummy_plugin/bin/post-plugin-add +++ b/test/fixtures/dummy_plugin/bin/post-plugin-add @@ -1,3 +1,3 @@ #!/usr/bin/env bash -echo "plugin-add path=${ASDF_PLUGIN_PATH} source_url=${ASDF_PLUGIN_SOURCE_URL}" +echo "plugin add path=${ASDF_PLUGIN_PATH} source_url=${ASDF_PLUGIN_SOURCE_URL}" diff --git a/test/plugin_add_command.bats b/test/plugin_add_command.bats index 83833bb6e..021e38508 100644 --- a/test/plugin_add_command.bats +++ b/test/plugin_add_command.bats @@ -10,8 +10,30 @@ teardown() { clean_asdf_dir } +@test "plugin_add command with plugin name matching all valid regex chars succeeds" { + install_mock_plugin_repo "plugin_with-all-valid-CHARS-123" + + run asdf plugin add "plugin_with-all-valid-CHARS-123" "${BASE_DIR}/repo-plugin_with-all-valid-CHARS-123" + [ "$status" -eq 0 ] + + run asdf plugin-list + [ "$output" = "plugin_with-all-valid-CHARS-123" ] +} + +@test "plugin_add command with plugin name not matching valid regex fails" { + run asdf plugin add "invalid\$plugin\$name" + [ "$status" -eq 1 ] + [ "$output" = "invalid\$plugin\$name is invalid. Name must match regex ^[a-zA-Z0-9_-]+$" ] +} + +@test "plugin_add command with plugin name not matching valid regex fails again" { + run asdf plugin add "#invalid#plugin#name" + [ "$status" -eq 1 ] + [ "$output" = "#invalid#plugin#name is invalid. Name must match regex ^[a-zA-Z0-9_-]+$" ] +} + @test "plugin_add command with no URL specified adds a plugin using repo" { - run asdf plugin-add "elixir" + run asdf plugin add "elixir" [ "$status" -eq 0 ] run asdf plugin-list @@ -22,7 +44,7 @@ teardown() { @test "plugin_add command with URL specified adds a plugin using repo" { install_mock_plugin_repo "dummy" - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" [ "$status" -eq 0 ] run asdf plugin-list @@ -33,24 +55,23 @@ teardown() { @test "plugin_add command with URL specified run twice returns error second time" { install_mock_plugin_repo "dummy" - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" [ "$status" -eq 2 ] [ "$output" = "Plugin named dummy already added" ] } @test "plugin_add command with no URL specified fails if the plugin doesn't exist" { - run asdf plugin-add "does-not-exist" + run asdf plugin add "does-not-exist" [ "$status" -eq 1 ] echo "$output" | grep "plugin does-not-exist not found in repository" } -@test "plugin_add command executes post-plugin-add script" { +@test "plugin_add command executes post-plugin add script" { install_mock_plugin_repo "dummy" - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" - - [ "$output" = "plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" ] + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" + [ "$output" = "plugin add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" ] } @test "plugin_add command executes configured pre hook (generic)" { @@ -60,10 +81,10 @@ teardown() { pre_asdf_plugin_add = echo ADD ${@} EOM - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" local expected_output="ADD dummy -plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" +plugin add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" [ "$output" = "${expected_output}" ] } @@ -74,10 +95,10 @@ plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" pre_asdf_plugin_add_dummy = echo ADD EOM - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" local expected_output="ADD -plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" +plugin add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" [ "$output" = "${expected_output}" ] } @@ -88,9 +109,9 @@ plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy" post_asdf_plugin_add = echo ADD ${@} EOM - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" - local expected_output="plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy + local expected_output="plugin add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy ADD dummy" [ "$output" = "${expected_output}" ] } @@ -102,9 +123,9 @@ ADD dummy" post_asdf_plugin_add_dummy = echo ADD EOM - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" - local expected_output="plugin-add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy + local expected_output="plugin add path=${ASDF_DIR}/plugins/dummy source_url=${BASE_DIR}/repo-dummy ADD" [ "$output" = "${expected_output}" ] } diff --git a/test/plugin_update_command.bats b/test/plugin_update_command.bats index 24d79a61a..494bda44f 100644 --- a/test/plugin_update_command.bats +++ b/test/plugin_update_command.bats @@ -5,7 +5,7 @@ load test_helpers setup() { setup_asdf_dir install_mock_plugin_repo "dummy" - run asdf plugin-add "dummy" "${BASE_DIR}/repo-dummy" + run asdf plugin add "dummy" "${BASE_DIR}/repo-dummy" } teardown() {