diff options
author | Kamil TrzciĆski <ayufan@ayufan.eu> | 2019-04-04 18:00:56 +0300 |
---|---|---|
committer | Sean McGivern <sean@gitlab.com> | 2019-04-04 18:00:56 +0300 |
commit | 8a833c720e91c7b4d764e85c30e3be18ee5221fd (patch) | |
tree | 54b714d8a8f18f6e6f0f8f5da56fae5203f002e8 /lib/gitlab/config | |
parent | 7926384ff32b9ad8833dcfffc9bb87d036c4bd21 (diff) |
Allow to use untrusted Regexp via feature flag
This brings support for untrusted regexp for 'only:refs:' when
enabled via feature flag: alllow_unsafe_ruby_regexp.
This is by default disabled, and should not be used in production
Diffstat (limited to 'lib/gitlab/config')
-rw-r--r-- | lib/gitlab/config/entry/validators.rb | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/gitlab/config/entry/validators.rb b/lib/gitlab/config/entry/validators.rb index d0ee94370ba..746fe83f90f 100644 --- a/lib/gitlab/config/entry/validators.rb +++ b/lib/gitlab/config/entry/validators.rb @@ -129,6 +129,12 @@ module Gitlab end end + protected + + def fallback + false + end + private def matches_syntax?(value) @@ -137,7 +143,7 @@ module Gitlab def validate_regexp(value) matches_syntax?(value) && - Gitlab::UntrustedRegexp::RubySyntax.valid?(value) + Gitlab::UntrustedRegexp::RubySyntax.valid?(value, fallback: fallback) end end @@ -162,6 +168,14 @@ module Gitlab end end + class ArrayOfStringsOrRegexpsWithFallbackValidator < ArrayOfStringsOrRegexpsValidator + protected + + def fallback + true + end + end + class ArrayOfStringsOrStringValidator < RegexpValidator def validate_each(record, attribute, value) unless validate_array_of_strings_or_string(value) |