Fix vulnerability in Regex #13

mlajkim · 2023-04-17T05:29:09Z

Description

destructive changes on black_list/white_list/admin_access_list
- from regex to wildcard
docker image
- remove upx
- use non-root user

Type of change

Bug fix
New feature
Refactoring (no functional changes, no api changes)
Non-code changes (update documentation, pipeline, etc.)

Flags

Breaks backward compatibility
Requires a documentation update
Has untestable code

Related issue/PR

merged: remove upx #14
merged: use non-root user in docker image #15

Checklist

Followed the guidelines in the CONTRIBUTING document
Added prefix [skip ci]/[ci skip]/[no ci]/[skip actions]/[actions skip] in the PR title if necessary
Tested and linted the code
Commented the code
Made corresponding changes to the documentation
Passed all pipeline checking

Checklist for maintainer

Use Squash and merge
Double-confirm the merge message has prefix [skip ci]/[ci skip]/[no ci]/[skip actions]/[actions skip]
Delete the branch after merge

Signed-off-by: wfan <wfan@yahoo-corp.jp>

config/config_test.go

go.mod

config/config.go

config/config_test.go

service/resolver.go

service/resolver_test.go

service/resource_mapper.go

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

service/resolver.go

WindzCUHK · 2023-04-20T09:15:04Z

created issue for updating doc: #17

mlajkim and others added 16 commits April 17, 2023 14:26

feat: add maintainer jekim

8465591

fix: indent

cf9d3b3

fix: vulnerabilities in logic

733bf7b

refactor: redundant ok bool var

a168acb

feat: buildRobustRegex()

b684e00

feat: logger with some refactors

801bbfd

feat: install github.com/AthenZ/athenz-authorizer/v5

2691845

feat: escape removed

d6cc8e9

fix: logger with escape

24e2168

feat: apply assertion of athenz-authorizer

daf5113

fix: test strings

1bb1444

fix: go 1.18 -> 1.20

fc462f3

remove upx (#14)

747b118

Signed-off-by: wfan <wfan@yahoo-corp.jp>

test setcap (#15)

aba05ed

Signed-off-by: wfan <wfan@yahoo-corp.jp>

fix check cmd

10c52a7

Signed-off-by: wfan <wfan@yahoo-corp.jp>

fix: log message

bd0b04a

mlajkim commented Apr 20, 2023

View reviewed changes

config/config_test.go Outdated Show resolved Hide resolved

WindzCUHK reviewed Apr 20, 2023

View reviewed changes

mlajkim and others added 12 commits April 20, 2023 15:47

feat: WindzCHUK advice applied

800d015

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

feat: WindzCHUK advice applied

e6e2ebc

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

feat: WindzCHUK advice applied

78ed811

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

feat: WindzCHUK advice applied

325c17b

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

feat: WindzCHUK advice applied

95756d7

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

refactor: redundant comments removed

dff0a1e

feat: apply given comment from wfan

06d6ac1

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

feat: apply given comment from wfan

7844449

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

fix: message

1e3ab8d

fix: message

72113d1

feat: WindzCHUK advice applied

5cc2438

Co-authored-by: Windz <WindzCUHK@users.noreply.github.com> Signed-off-by: Aaron Jeongwoo Kim <53258958+mlajkim@users.noreply.github.com>

fix: debug logger

40a26e6

WindzCUHK reviewed Apr 20, 2023

View reviewed changes

service/resolver.go Outdated Show resolved Hide resolved

service/resolver.go Outdated Show resolved Hide resolved

feat: use Debugf

8e500ea

WindzCUHK approved these changes Apr 20, 2023

View reviewed changes

WindzCUHK merged commit f76ec3d into master Apr 20, 2023

WindzCUHK deleted the fix-vulnerability-in-regex branch April 20, 2023 09:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix vulnerability in Regex #13

Fix vulnerability in Regex #13

Uh oh!

mlajkim commented Apr 17, 2023 •

edited by WindzCUHK

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

WindzCUHK commented Apr 20, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Fix vulnerability in Regex #13

Fix vulnerability in Regex #13

Uh oh!

Conversation

mlajkim commented Apr 17, 2023 • edited by WindzCUHK Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Type of change

Flags

Related issue/PR

Checklist

Checklist for maintainer

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

WindzCUHK commented Apr 20, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

mlajkim commented Apr 17, 2023 •

edited by WindzCUHK

Loading