From fe202fcfc47c7e0fa7d75dc933c9988bb5a53e5e Mon Sep 17 00:00:00 2001
From: Matt Liggett
Date: Fri, 14 Apr 2017 14:25:02 -0700
Subject: [PATCH] Use regexp instead of substring to do search and replace.

enisoc pointed out how ToLower can change (lengthen even!) the length of a string given arbitrary input.
---
 .../src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go | 6 +++---
 .../k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go | 7 +++++++
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
index 2ace1c849bf..863ad98b417 100644
--- a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
+++ b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
@@ -20,6 +20,7 @@ import (
 	"bufio"
 	"net"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -58,6 +59,7 @@ var (
 		},
 		[]string{"verb", "resource"},
 	)
+	kubectlExeRegexp = regexp.MustCompile(`^.*((?i:kubectl\.exe))`)
 )
 
 // Register all metrics.
@@ -114,9 +116,7 @@ func cleanUserAgent(ua string) string {
 		return "Browser"
 	}
 	// If an old "kubectl.exe" has passed us its full path, we discard the path portion.
-	if exeIdx := strings.LastIndex(strings.ToLower(ua), "kubectl.exe"); exeIdx != -1 {
-		return ua[exeIdx:]
-	}
+	ua = kubectlExeRegexp.ReplaceAllString(ua, "$1")
 	return ua
 }
 
diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go
index 01c1689e22b..4c0a8aa5d27 100644
--- a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go
+++ b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go
@@ -19,6 +19,8 @@ package metrics
 import "testing"
 
 func TestCleanUserAgent(t *testing.T) {
+	panicBuf := []byte{198, 73, 129, 133, 90, 216, 104, 29, 13, 134, 209, 233, 30, 0, 22}
+
 	for _, tc := range []struct {
 		In string
 		Out string
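Review bot: `.` in the new `^.*` does not match a newline unless the `s` flag is set, so a User-Agent whose path portion contains `\n` ahead of `kubectl.exe` is no longer trimmed, whereas the removed `strings.LastIndex` form matched regardless; `(?s)^.*((?i:kubectl\.exe))` keeps the old reach if that matters. This is very likely unreachable in practice, since net/http rejects header values carrying CR/LF, so it is mostly a consistency point. The package-level `kubectlExeRegexp` added in the preceding hunk also lacks a comment recording why a regexp replaced the substring search; something like `// Match on the raw bytes: strings.ToLower can change a string's byte length (invalid UTF-8 is re-encoded as U+FFFD), so an index computed on the lowered copy is not valid in ua.` would carry the commit's rationale into the code. For the record, the greedy `^.*` still selects the last occurrence exactly as LastIndex did, and Go's RE2-based regexp runs in linear time, so the attacker-controlled header cannot trigger pathological backtracking. cleanUserAgent's body begins outside the hunk.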
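Review bot: `panicBuf` is a bare byte list with no comment on which property makes it a regression input, and the case that consumes it in the following hunk only calls it "malicious", so a reader cannot tell why the old code panicked. If the mechanism is the one the commit message describes, a comment at the declaration such as `// Invalid UTF-8 plus a NUL: strings.ToLower re-encodes each bad byte as U+FFFD and lengthens the string, so the old LastIndex offset overran the original ua.` would make the test self-explanatory. With raw bytes and a NUL now in tc.In, the `%s` in the existing `t.Errorf("Failed to clean User-Agent: %s", tc.In)` would print them unreadably on failure; `%q` shows escapes instead. TestCleanUserAgent continues past this hunk.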
@@ -39,6 +41,11 @@ func TestCleanUserAgent(t *testing.T) {
 			In: `C:\Program Files\kubectl.exe/v1.5.4`,
 			Out: "kubectl.exe/v1.5.4",
 		},
+		{
+			// This malicious input courtesy of enisoc.
+			In: string(panicBuf) + "kubectl.exe",
+			Out: "kubectl.exe",
+		},
 	} {
 		if cleanUserAgent(tc.In) != tc.Out {
 			t.Errorf("Failed to clean User-Agent: %s", tc.In)