adding username validation to the invoker ssh server
This commit is contained in:
Sarah Barili
parent
e356c69a6f
commit
6d5a26cfd1
1 changed files with 11 additions and 0 deletions
|
|
@ -8,6 +8,7 @@ import (
|
|||
"fmt"
|
||||
"net"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
|
@ -241,6 +242,9 @@ func (i *invoker) StartSSHServerWithOptions(ctx context.Context, options StartSS
|
|||
return 0, "", fmt.Errorf("failed to parse SSH server port: %w", err)
|
||||
}
|
||||
|
||||
if !isUsernameValid(response.User) {
|
||||
return 0, "", fmt.Errorf("invalid username: %s", response.User)
|
||||
}
|
||||
return port, response.User, nil
|
||||
}
|
||||
|
||||
|
|
@ -300,3 +304,10 @@ func (i *invoker) notifyCodespaceOfClientActivity(ctx context.Context, activity
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
func isUsernameValid(username string) bool {
|
||||
// assuming valid usernames are alphanumeric, with these special characters allowed: . _ -
|
||||
var validUsernamePattern = `^[a-zA-Z0-9._-]+$`
|
||||
re := regexp.MustCompile(validUsernamePattern)
|
||||
return re.MatchString(username)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue