synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-13 21:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: disallow out of range ports (#12414)

Browse Source
This commit is contained in:
Garrett Delfosse
2024-03-04 12:25:06 -05:00
committed by GitHub
parent 3a86ae569a
commit 8f190b2016
3 changed files with 35 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
coderd/workspaceagentportshare.go
View File

@ -33,6 +33,25 @@ func (api *API) postWorkspaceAgentPortShare(rw http.ResponseWriter, r *http.Requ
if !req.ShareLevel.ValidPortShareLevel() { if !req.ShareLevel.ValidPortShareLevel() {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: "Port sharing level not allowed.", Message: "Port sharing level not allowed.",
Validations: []codersdk.ValidationError{
{
Field: "share_level",
Detail: "Port sharing level not allowed.",
},
},
})
return
}
if req.Port < 9 || req.Port > 65535 {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: "Port must be between 9 and 65535.",
Validations: []codersdk.ValidationError{
{
Field: "port",
Detail: "Port must be between 9 and 65535.",
},
},
}) })
return return
} }

14
coderd/workspaceagentportshare_test.go
View File

@ -54,6 +54,20 @@ func TestPostWorkspaceAgentPortShare(t *testing.T) {
}) })
require.Error(t, err) require.Error(t, err)
// invalid port should fail
_, err = client.UpsertWorkspaceAgentPortShare(ctx, r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
AgentName: agents[0].Name,
Port: 0,
ShareLevel: codersdk.WorkspaceAgentPortShareLevelPublic,
})
require.Error(t, err)
_, err = client.UpsertWorkspaceAgentPortShare(ctx, r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
AgentName: agents[0].Name,
Port: 90000000,
ShareLevel: codersdk.WorkspaceAgentPortShareLevelPublic,
})
require.Error(t, err)
// OK, ignoring template max port share level because we are AGPL // OK, ignoring template max port share level because we are AGPL
ps, err := client.UpsertWorkspaceAgentPortShare(ctx, r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{ ps, err := client.UpsertWorkspaceAgentPortShare(ctx, r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
AgentName: agents[0].Name, AgentName: agents[0].Name,

4
site/src/modules/resources/PortForwardButton.tsx
View File

@ -109,7 +109,7 @@ export const PortForwardButton: FC<PortForwardButtonProps> = (props) => {
const getValidationSchema = (): Yup.AnyObjectSchema => const getValidationSchema = (): Yup.AnyObjectSchema =>
Yup.object({ Yup.object({
port: Yup.number().required().min(0).max(65535), port: Yup.number().required().min(9).max(65535),
share_level: Yup.string().required().oneOf(WorkspaceAppSharingLevels), share_level: Yup.string().required().oneOf(WorkspaceAppSharingLevels),
}); });
@ -245,7 +245,7 @@ export const PortForwardPopoverView: FC<PortForwardPopoverViewProps> = ({
name="portNumber" name="portNumber"
type="number" type="number"
placeholder="Connect to port..." placeholder="Connect to port..."
min={0} min={9}
max={65535} max={65535}
required required
css={styles.newPortInput} css={styles.newPortInput}