Merge pull request #44513 from mml/windows

Automatic merge from submit-queue (batch tested with PRs 44519, 43194, 44513)

Use regexp instead of substring to do search and replace.

enisoc pointed out how ToLower can change (lengthen even!) the length of
a string given arbitrary input.

Follow-up to #44421 for #44419

staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go

@@ -20,6 +20,7 @@ import (
 	"bufio"
 	"net"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -58,6 +59,7 @@ var (
 		},
 		[]string{"verb", "resource"},
 	)
+	kubectlExeRegexp = regexp.MustCompile(`^.*((?i:kubectl\.exe))`)
 )
 
 // Register all metrics.
@@ -114,9 +116,7 @@ func cleanUserAgent(ua string) string {
 		return "Browser"
 	}
 	// If an old "kubectl.exe" has passed us its full path, we discard the path portion.
-	if exeIdx := strings.LastIndex(strings.ToLower(ua), "kubectl.exe"); exeIdx != -1 {
+	ua = kubectlExeRegexp.ReplaceAllString(ua, "$1")
-		return ua[exeIdx:]
-	}
 	return ua
 }
 

staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics_test.go

@@ -19,6 +19,8 @@ package metrics
 import "testing"
 
 func TestCleanUserAgent(t *testing.T) {
+	panicBuf := []byte{198, 73, 129, 133, 90, 216, 104, 29, 13, 134, 209, 233, 30, 0, 22}
+
 	for _, tc := range []struct {
 		In  string
 		Out string
@@ -39,6 +41,11 @@ func TestCleanUserAgent(t *testing.T) {
 			In:  `C:\Program Files\kubectl.exe/v1.5.4`,
 			Out: "kubectl.exe/v1.5.4",
 		},
+		{
+			// This malicious input courtesy of enisoc.
+			In:  string(panicBuf) + "kubectl.exe",
+			Out: "kubectl.exe",
+		},
 	} {
 		if cleanUserAgent(tc.In) != tc.Out {
 			t.Errorf("Failed to clean User-Agent: %s", tc.In)