mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 08:58:41 +00:00
avoid oob panic (#30910)
# Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality - [x] For unreleased bug fixes in a release candidate, confirmed that the fix is not expected to adversely impact load test results or alerted the release DRI if additional load testing is needed.
This commit is contained in:
Jahziel Villasana-Espinoza
GitHub
parent
586a1d5b84
commit
d6083c500e
3 changed files with 76 additions and 8 deletions
|
|
@ -1746,9 +1746,6 @@ AND hvsi.verification_failed_at IS NULL
|
|||
|
||||
var result []*fleet.HostVPPSoftwareInstall
|
||||
if err := sqlx.SelectContext(ctx, ds.reader(ctx), &result, stmt, hostUUID); err != nil {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
return nil, notFound("HostVPPSoftwareInstall")
|
||||
}
|
||||
return nil, ctxerr.Wrap(ctx, err, "get unverified VPP installs for host")
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ func TestVPP(t *testing.T) {
|
|||
{"DeleteVPPAssignedToPolicy", testDeleteVPPAssignedToPolicy},
|
||||
{"TestVPPTokenTeamAssignment", testVPPTokenTeamAssignment},
|
||||
{"TestGetAllVPPApps", testGetAllVPPApps},
|
||||
{"TestGetUnverifiedVPPInstallsForHost", testGetUnverifiedVPPInstallsForHost},
|
||||
}
|
||||
|
||||
for _, c := range cases {
|
||||
|
|
@ -1959,3 +1960,73 @@ func testGetAllVPPApps(t *testing.T, ds *Datastore) {
|
|||
|
||||
require.Equal(t, apps, []*fleet.VPPApp{app1, app2, app3})
|
||||
}
|
||||
|
||||
func testGetUnverifiedVPPInstallsForHost(t *testing.T, ds *Datastore) {
|
||||
ctx := context.Background()
|
||||
|
||||
test.CreateInsertGlobalVPPToken(t, ds)
|
||||
|
||||
va1, err := ds.InsertVPPAppWithTeam(ctx, &fleet.VPPApp{
|
||||
Name: "vpp1", BundleIdentifier: "com.app.vpp1",
|
||||
VPPAppTeam: fleet.VPPAppTeam{VPPAppID: fleet.VPPAppID{AdamID: "adam_vpp_app_1", Platform: fleet.MacOSPlatform}},
|
||||
}, nil)
|
||||
require.NoError(t, err)
|
||||
vpp1 := va1.VPPAppID
|
||||
|
||||
va2, err := ds.InsertVPPAppWithTeam(ctx, &fleet.VPPApp{
|
||||
Name: "vpp2", BundleIdentifier: "com.app.vpp2",
|
||||
VPPAppTeam: fleet.VPPAppTeam{VPPAppID: fleet.VPPAppID{AdamID: "adam_vpp_app_2", Platform: fleet.MacOSPlatform}},
|
||||
}, nil)
|
||||
require.NoError(t, err)
|
||||
vpp2 := va2.VPPAppID
|
||||
|
||||
va3, err := ds.InsertVPPAppWithTeam(ctx, &fleet.VPPApp{
|
||||
Name: "vpp3", BundleIdentifier: "com.app.vpp3",
|
||||
VPPAppTeam: fleet.VPPAppTeam{VPPAppID: fleet.VPPAppID{AdamID: "adam_vpp_app_3", Platform: fleet.MacOSPlatform}},
|
||||
}, nil)
|
||||
require.NoError(t, err)
|
||||
vpp3 := va3.VPPAppID
|
||||
|
||||
h1, err := ds.NewHost(ctx, &fleet.Host{
|
||||
Hostname: "macos-test-1",
|
||||
OsqueryHostID: ptr.String("osquery-macos-1"),
|
||||
NodeKey: ptr.String("node-key-macos-1"),
|
||||
UUID: uuid.NewString(),
|
||||
Platform: "darwin",
|
||||
HardwareSerial: "654321a",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
nanoEnroll(t, ds, h1, false)
|
||||
|
||||
cmdUUID1 := createVPPAppInstallRequest(t, ds, h1, vpp1.AdamID, nil)
|
||||
createVPPAppInstallResult(t, ds, h1, cmdUUID1, "Acknowledged")
|
||||
|
||||
cmdUUID2 := createVPPAppInstallRequest(t, ds, h1, vpp2.AdamID, nil)
|
||||
createVPPAppInstallResult(t, ds, h1, cmdUUID2, "Acknowledged")
|
||||
|
||||
cmdUUID3 := createVPPAppInstallRequest(t, ds, h1, vpp3.AdamID, nil)
|
||||
createVPPAppInstallResult(t, ds, h1, cmdUUID3, "Acknowledged")
|
||||
|
||||
for _, step := range []struct {
|
||||
installUUID string
|
||||
before int
|
||||
after int
|
||||
}{
|
||||
{installUUID: cmdUUID1, before: 3, after: 2},
|
||||
{installUUID: cmdUUID2, before: 2, after: 1},
|
||||
{installUUID: cmdUUID3, before: 1, after: 0},
|
||||
} {
|
||||
|
||||
x, err := ds.GetUnverifiedVPPInstallsForHost(ctx, h1.UUID)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, x, step.before)
|
||||
|
||||
err = ds.SetVPPInstallAsVerified(ctx, h1.ID, step.installUUID, fleet.VerifySoftwareInstallCommandUUID())
|
||||
require.NoError(t, err)
|
||||
|
||||
x, err = ds.GetUnverifiedVPPInstallsForHost(ctx, h1.UUID)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, x, step.after)
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3978,14 +3978,14 @@ func NewInstalledApplicationListResultsHandler(
|
|||
|
||||
expectedInstalls, err := ds.GetUnverifiedVPPInstallsForHost(ctx, installedAppResult.HostUUID())
|
||||
if err != nil {
|
||||
if fleet.IsNotFound(err) {
|
||||
// Then something weird happened, so log it and exit (we can't do anything here in this case).
|
||||
level.Warn(logger).Log("msg", "no vpp installs found for verification UUID", "command_uuid", installedAppResult.UUID())
|
||||
return nil
|
||||
}
|
||||
return ctxerr.Wrap(ctx, err, "InstalledApplicationList handler: getting install record")
|
||||
}
|
||||
|
||||
if len(expectedInstalls) == 0 {
|
||||
level.Warn(logger).Log("msg", "no vpp installs found for host", "host_uuid", installedAppResult.HostUUID(), "verification_command_uuid", installedAppResult.UUID())
|
||||
return nil
|
||||
}
|
||||
|
||||
installsByBundleID := map[string]fleet.Software{}
|
||||
for _, install := range installedApps {
|
||||
installsByBundleID[install.BundleIdentifier] = install
|
||||
|
|
|
|||
Loading…
Reference in a new issue