Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

File upload unusual behaviour on a ' character #4535

Closed
BrianDevC opened this issue Oct 26, 2022 · 2 comments · Fixed by #4538
Closed

File upload unusual behaviour on a ' character #4535

BrianDevC opened this issue Oct 26, 2022 · 2 comments · Fixed by #4538
Assignees
@BrianDevC
Milestone
6.3.0

Comments

@BrianDevC
Copy link
Contributor

Describe the bug

A file or folder with the single quote ' character in the path name will exhibit unusual behaviour on the upload.

For example if uploading to /data/te'st/file.txt

The following two folders will be created. All square brackets[] added here to emphasize individual folders, they do not show up in the test.

Empty folder:
/[data]/[te'st]/

Folder with empty file.txt
/[data]/[te\st && base64 -d - >]/[data]/[te\st]/file.txt

Fabric8 Kubernetes Client version

5.12.4

Steps to reproduce

String path = "/data/te'st/file.txt";
            client
                    .pods()
                    .withName(podName)
                    .file(path)
                    .upload(inputStream);

Expected behavior

Empty folder:
/data/te'st/

Folder with empty file.txt
/data/te\st && base64 -d - >/data/te\st/file.txt

Runtime

Kubernetes (vanilla)

Kubernetes API Server version

1.24

Environment

Linux

Fabric8 Kubernetes Client Logs

No response

Additional context

Looks to be the area that's causing the issue is here:

kubernetes-client/kubernetes-client/src/main/java/io/fabric8/kubernetes/client/dsl/internal/uploadable/PodUpload.java

Line 139 in 0f997aa

static String createExecCommandForUpload(String file) {

Specifically inside the shellQuote function:

  public static String shellQuote(String value) {
    return "'" + value.replace("'", "'\\\\''") + "'";
  }
@shawkins
Copy link
Contributor

Specifically inside the shellQuote function:

Yes, that's unfortunately adding an extra escape. Are you interested in submitting a fix?

@BrianDevC
Copy link
Contributor Author

I am actually, just pulling everything down to give it a go. Probably should have specified to avoid duplication of efforts!

BrianDevC added a commit to BrianDevC/iss-4535 that referenced this issue Oct 27, 2022
@BrianDevC
iss-4535
8f5c7aa 
Single quotes in folder or file names were causing corruption of the shell command.
The fix changes the ' character to '"'"'
For example a folder called te'st would now get shellQuoted to 'te'"'"'st'
1. ' ends the first quote,
2. " starts second quote,
3. ' is valid character in double quotes
4. " ends the second quote
5. ' starts the third quote
6. The end result when fed into the shell, is as we desired: te'st

fabric8io#4535
@BrianDevC BrianDevC mentioned this issue Oct 27, 2022
Merged
11 tasks
BrianDevC added a commit to BrianDevC/iss-4535 that referenced this issue Oct 27, 2022
@BrianDevC
iss-4535
888b291 
Changed to be much shorter as pointed out, manual still passes tests.
New test added
Changelog moved.

fabric8io#4535
BrianDevC added a commit to BrianDevC/iss-4535 that referenced this issue Oct 28, 2022
@BrianDevC
iss-4535
a0fac41 
Fixed test brackets that mvn spotless:apply unfortunately didn't.

fabric8io#4535
BrianDevC added a commit to BrianDevC/iss-4535 that referenced this issue Nov 1, 2022
@BrianDevC
iss-4535
fa69db3 
Altered some catch statements to catch exceptions rather than throwables for sonar

fabric8io#4535
manusa pushed a commit to BrianDevC/iss-4535 that referenced this issue Nov 4, 2022
@BrianDevC @manusa
fix: shell command string will now have single quotes sanitized
3105c42 
Single quotes in folder or file names were causing corruption of the shell command.
The fix changes the ' character to '"'"'
For example a folder called te'st would now get shellQuoted to 'te'"'"'st'
1. ' ends the first quote,
2. " starts second quote,
3. ' is valid character in double quotes
4. " ends the second quote
5. ' starts the third quote
6. The end result when fed into the shell, is as we desired: te'st

fabric8io#4535

iss-4535

Changed to be much shorter as pointed out, manual still passes tests.
New test added
Changelog moved.

iss-4535

Fixed test brackets that mvn spotless:apply unfortunately didn't.

fabric8io#4535

iss-4535

Altered some catch statements to catch exceptions rather than throwables for sonar

fabric8io#4535
@manusa manusa added this to the 6.3.0 milestone Nov 4, 2022
manusa pushed a commit that referenced this issue Nov 4, 2022
@BrianDevC @manusa
fix: shell command string will now have single quotes sanitized
12cd4ca 
Single quotes in folder or file names were causing corruption of the shell command.
The fix changes the ' character to '"'"'
For example a folder called te'st would now get shellQuoted to 'te'"'"'st'
1. ' ends the first quote,
2. " starts second quote,
3. ' is valid character in double quotes
4. " ends the second quote
5. ' starts the third quote
6. The end result when fed into the shell, is as we desired: te'st

#4535

iss-4535

Changed to be much shorter as pointed out, manual still passes tests.
New test added
Changelog moved.

iss-4535

Fixed test brackets that mvn spotless:apply unfortunately didn't.

#4535

iss-4535

Altered some catch statements to catch exceptions rather than throwables for sonar

#4535
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BrianDevC BrianDevC

Labels
None yet
Projects
None yet
Milestone
6.3.0
Development

Successfully merging a pull request may close this issue.

Fix 4535 - support file uploads with filenames containing single quote BrianDevC/iss-4535
3 participants
@manusa @shawkins @BrianDevC