From acea7040bc74a126a0235ab011e3d3bcd7439beb Mon Sep 17 00:00:00 2001
From: Aditya Kali <adityakali@google.com>
Date: Tue, 23 Aug 2016 18:57:48 -0700
Subject: [PATCH 1/2] Add validation for KUBE_USER

Malformed KUBE_USER causes error in cluster setup.
---
 cluster/gce/gci/configure-helper.sh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh
index 57430cb9149..60e5e94610d 100644
--- a/cluster/gce/gci/configure-helper.sh
+++ b/cluster/gce/gci/configure-helper.sh
@@ -755,7 +755,7 @@ function start-kube-apiserver {
   if [[ -n "${KUBE_USER:-}" ]]; then
     local -r abac_policy_json="${src_dir}/abac-authz-policy.jsonl"
     remove-salt-config-comments "${abac_policy_json}"
-    sed -i -e "s@{{kube_user}}@${KUBE_USER}@g" "${abac_policy_json}"
+    sed -i -e "s/{{kube_user}}/${KUBE_USER}/g" "${abac_policy_json}"
     cp "${abac_policy_json}" /etc/srv/kubernetes/
   fi
 
@@ -1115,6 +1115,14 @@ if [[ ! -e "${KUBE_HOME}/kube-env" ]]; then
 fi
 
 source "${KUBE_HOME}/kube-env"
+
+if [[ -n "${KUBE_USER:-}" ]]; then
+  if ! [[ "${KUBE_USER}" =~ ^[-._@a-zA-Z0-9]+$ ]]; then
+    echo "Bad KUBE_USER format."
+    exit 1
+  fi
+fi
+
 config-ip-firewall
 create-dirs
 ensure-local-ssds

From 07d98bebe848231a8783bef5b50f079b04de66bf Mon Sep 17 00:00:00 2001
From: Aditya Kali <adityakali@google.com>
Date: Wed, 24 Aug 2016 12:43:31 -0700
Subject: [PATCH 2/2] Validate KUBE_USER and KUBE_PASSWORD early on

Make sure KUBE_USER and KUBE_PASSWORD contains valid chars
as soon as we read them from kube config.
---
 cluster/common.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cluster/common.sh b/cluster/common.sh
index e87506e0f55..47c26956b6b 100755
--- a/cluster/common.sh
+++ b/cluster/common.sh
@@ -257,6 +257,16 @@ function load-or-gen-kube-basicauth() {
   if [[ -z "${KUBE_USER:-}" || -z "${KUBE_PASSWORD:-}" ]]; then
     gen-kube-basicauth
   fi
+
+  # Make sure they don't contain any funny characters.
+  if ! [[ "${KUBE_USER}" =~ ^[-._@a-zA-Z0-9]+$ ]]; then
+    echo "Bad KUBE_USER string."
+    exit 1
+  fi
+  if ! [[ "${KUBE_PASSWORD}" =~ ^[-._@#%/a-zA-Z0-9]+$ ]]; then
+    echo "Bad KUBE_PASSWORD string."
+    exit 1
+  fi
 }
 
 function load-or-gen-kube-bearertoken() {