Fix instance name validation

2025-11-06 00:54:23 +00:00 · 2025-10-21 22:57:23 +02:00
parent c6ebe47511
commit bc025bbe28
2 changed files with 90 additions and 6 deletions
--- a/pkg/manager/manager_test.go
+++ b/pkg/manager/manager_test.go
@@ -134,6 +134,85 @@ func TestConcurrentAccess(t *testing.T) {
 	}
 }

+// TestCreateInstance_RejectsPathTraversal tests that instance names with path traversal attempts are rejected
+func TestCreateInstance_RejectsPathTraversal(t *testing.T) {
+	tempDir := t.TempDir()
+	cfg := createPersistenceConfig(tempDir)
+	backendConfig := createBackendConfig()
+	mgr := manager.New(backendConfig, cfg, map[string]config.NodeConfig{}, "main")
+
+	options := &instance.Options{
+		BackendOptions: backends.Options{
+			BackendType: backends.BackendTypeLlamaCpp,
+			LlamaServerOptions: &backends.LlamaServerOptions{
+				Model: "/path/to/model.gguf",
+				Port:  8080,
+			},
+		},
+	}
+
+	// Test cases for malicious instance names
+	maliciousNames := []string{
+		"../../etc/passwd",      // Classic path traversal
+		"../../../etc/shadow",   // Multiple parent directory references
+		"/etc/passwd",           // Absolute path
+		"foo/../bar",            // Parent reference in middle
+		".../.../",              // Variation with multiple dots
+		".hidden",               // Hidden file
+		"foo/bar",               // Forward slash
+		"foo\\bar",              // Backslash (Windows-style)
+		"test..instance",        // Double dots not at path boundary (should fail)
+		"normal-name/../escape", // Normal-looking name with traversal
+	}
+
+	for _, name := range maliciousNames {
+		t.Run(name, func(t *testing.T) {
+			_, err := mgr.CreateInstance(name, options)
+			if err == nil {
+				t.Errorf("Expected error when creating instance with malicious name %q, but got none", name)
+			}
+		})
+	}
+}
+
+// TestCreateInstance_AcceptsValidNames tests that valid instance names are accepted
+func TestCreateInstance_AcceptsValidNames(t *testing.T) {
+	tempDir := t.TempDir()
+	cfg := createPersistenceConfig(tempDir)
+	backendConfig := createBackendConfig()
+	mgr := manager.New(backendConfig, cfg, map[string]config.NodeConfig{}, "main")
+	defer mgr.Shutdown()
+
+	options := &instance.Options{
+		BackendOptions: backends.Options{
+			BackendType: backends.BackendTypeLlamaCpp,
+			LlamaServerOptions: &backends.LlamaServerOptions{
+				Model: "/path/to/model.gguf",
+			},
+		},
+	}
+
+	// Valid instance names
+	validNames := []string{
+		"test-instance",
+		"my_instance",
+		"instance123",
+		"test-name-with-dashes",
+		"name_with_underscores",
+	}
+
+	for _, name := range validNames {
+		t.Run(name, func(t *testing.T) {
+			_, err := mgr.CreateInstance(name, options)
+			if err != nil {
+				t.Errorf("Expected instance with valid name %q to be created, but got error: %v", name, err)
+			}
+			// Clean up
+			mgr.DeleteInstance(name)
+		})
+	}
+}
+
 // Helper functions for test configuration
 func createBackendConfig() config.BackendConfig {
 	// Use 'sleep' as a test command instead of 'llama-server'