Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8f190b2

Browse files
authored
fix: disallow out of range ports (#12414)
1 parent3a86ae5 commit8f190b2

File tree

3 files changed

+35
-2
lines changed

3 files changed

+35
-2
lines changed

‎coderd/workspaceagentportshare.go

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,25 @@ func (api *API) postWorkspaceAgentPortShare(rw http.ResponseWriter, r *http.Requ
3333
if!req.ShareLevel.ValidPortShareLevel() {
3434
httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{
3535
Message:"Port sharing level not allowed.",
36+
Validations: []codersdk.ValidationError{
37+
{
38+
Field:"share_level",
39+
Detail:"Port sharing level not allowed.",
40+
},
41+
},
42+
})
43+
return
44+
}
45+
46+
ifreq.Port<9||req.Port>65535 {
47+
httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{
48+
Message:"Port must be between 9 and 65535.",
49+
Validations: []codersdk.ValidationError{
50+
{
51+
Field:"port",
52+
Detail:"Port must be between 9 and 65535.",
53+
},
54+
},
3655
})
3756
return
3857
}

‎coderd/workspaceagentportshare_test.go

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,20 @@ func TestPostWorkspaceAgentPortShare(t *testing.T) {
5454
})
5555
require.Error(t,err)
5656

57+
// invalid port should fail
58+
_,err=client.UpsertWorkspaceAgentPortShare(ctx,r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
59+
AgentName:agents[0].Name,
60+
Port:0,
61+
ShareLevel:codersdk.WorkspaceAgentPortShareLevelPublic,
62+
})
63+
require.Error(t,err)
64+
_,err=client.UpsertWorkspaceAgentPortShare(ctx,r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
65+
AgentName:agents[0].Name,
66+
Port:90000000,
67+
ShareLevel:codersdk.WorkspaceAgentPortShareLevelPublic,
68+
})
69+
require.Error(t,err)
70+
5771
// OK, ignoring template max port share level because we are AGPL
5872
ps,err:=client.UpsertWorkspaceAgentPortShare(ctx,r.Workspace.ID, codersdk.UpsertWorkspaceAgentPortShareRequest{
5973
AgentName:agents[0].Name,

‎site/src/modules/resources/PortForwardButton.tsx

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@ export const PortForwardButton: FC<PortForwardButtonProps> = (props) => {
109109

110110
constgetValidationSchema=():Yup.AnyObjectSchema=>
111111
Yup.object({
112-
port:Yup.number().required().min(0).max(65535),
112+
port:Yup.number().required().min(9).max(65535),
113113
share_level:Yup.string().required().oneOf(WorkspaceAppSharingLevels),
114114
});
115115

@@ -245,7 +245,7 @@ export const PortForwardPopoverView: FC<PortForwardPopoverViewProps> = ({
245245
name="portNumber"
246246
type="number"
247247
placeholder="Connect to port..."
248-
min={0}
248+
min={9}
249249
max={65535}
250250
required
251251
css={styles.newPortInput}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp