From 57de9560e6c6d9ca5373f07ebec9a3441aae3f2c Mon Sep 17 00:00:00 2001 From: MickLesk Date: Mon, 22 Jun 2026 21:39:13 +0200 Subject: [PATCH] fix(update-apps): sanitize service detection and fail on invalid names Reject multi-line or shebang-leaked service names from /usr/bin/update, verify ct/.sh exists before updating, and report ERROR instead of silently marking failed containers as OK. --- tools/pve/update-apps.sh | 65 ++++++++++++++++++++++++++++++---------- 1 file changed, 49 insertions(+), 16 deletions(-) diff --git a/tools/pve/update-apps.sh b/tools/pve/update-apps.sh index e8164b9f7..6e2bd3aac 100644 --- a/tools/pve/update-apps.sh +++ b/tools/pve/update-apps.sh @@ -145,11 +145,35 @@ function header_info { EOF } +function sanitize_service_name() { + local name="${1//$'\r'/}" + name="${name//$'\n'/}" + [[ -z "$name" ]] && return 1 + [[ "$name" == *'#!'* ]] && return 1 + [[ ! "$name" =~ ^[a-zA-Z0-9._-]+$ ]] && return 1 + return 0 +} + +function validate_service_script() { + local name="$1" + sanitize_service_name "$name" || return 1 + curl -fsSL --max-time 10 -o /dev/null \ + "https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/${name}.sh" 2>/dev/null +} + function detect_service() { - pushd $(mktemp -d) >/dev/null - pct pull "$1" /usr/bin/update update 2>/dev/null - service=$(cat update | sed 's|.*/ct/||g' | sed 's|\.sh).*||g') - popd >/dev/null + local container="$1" + local tmpdir update_file + service="" + tmpdir=$(mktemp -d) + update_file="$tmpdir/update" + pct pull "$container" /usr/bin/update "$update_file" 2>/dev/null || true + if [[ ! -s "$update_file" ]]; then + rm -rf "$tmpdir" + return 1 + fi + service=$(grep -oE '/ct/[a-zA-Z0-9._-]+\.sh' "$update_file" 2>/dev/null | head -n1 | sed 's|.*/ct/||; s|\.sh$||') + rm -rf "$tmpdir" } function dry_run_container() { @@ -447,24 +471,33 @@ for container in $CHOICE; do #1) Detect service using the service name in the update command detect_service $container - #1.1) If update script not detected, return - if [ -z "${service}" ]; then - echo -e "${YW}[WARN]${CL} Update script not found. Skipping to next container" - log_result "$container" "(unknown)" "SKIPPED" "No update script found in container" - log_write "Container $container: SKIPPED — no update script found" + #1.1) If update script not detected or service name is invalid, skip + if [ -z "${service}" ] || ! sanitize_service_name "${service}"; then + echo -e "${RD}[ERROR]${CL} Could not detect a valid service name for container $container" + log_result "$container" "(unknown)" "ERROR" "Invalid or missing service name in /usr/bin/update" + log_write "Container $container: ERROR — invalid or missing service name" continue - else - echo -e "${BL}[INFO]${CL} Detected service: ${GN}${service}${CL}" - log_write "Container $container: detected service '$service'" fi + if ! validate_service_script "${service}"; then + echo -e "${RD}[ERROR]${CL} Service '${service}' does not resolve to ct/${service}.sh" + log_result "$container" "${service}" "ERROR" "No matching ct/${service}.sh script found" + log_write "Container $container: ERROR — ct/${service}.sh not found" + continue + fi + + echo -e "${BL}[INFO]${CL} Detected service: ${GN}${service}${CL}" + log_write "Container $container: detected service '${service}'" + #2) Extract service build/update resource requirements from config/installation file - script=$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/${service}.sh) + script=$(curl -fsSL "https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/${service}.sh") #2.1) Check if the script downloaded successfully - if [ $? -ne 0 ]; then - echo -e "${RD}[ERROR]${CL} Issue while downloading install script." - echo -e "${YW}[WARN]${CL} Unable to assess build resource requirements. Proceeding with current resources." + if [ $? -ne 0 ] || [ -z "${script}" ]; then + echo -e "${RD}[ERROR]${CL} Failed to download ct/${service}.sh" + log_result "$container" "${service}" "ERROR" "Failed to download ct/${service}.sh" + log_write "Container $container (${service}): ERROR — failed to download install script" + continue fi config=$(pct config "$container")