safcm: strip invalid characters from detected os/arch groups

Handle them like any other detected group because the remote can send
invalid values. The current code can handle arbitrary group names just
fine but it's better to treat all untrusted input the same.

diff --git a/cmd/safcm/sync_info.go b/cmd/safcm/sync_info.go
index 0df33e3eeaa302ef52c8a7d149e5f107d82812b1..5ba6ac83c903df14afc3c0a99396ec70dd453bb4 100644 (file)
--- a/cmd/safcm/sync_info.go
+++ b/cmd/safcm/sync_info.go
@@ -50,14 +50,19 @@ var infoGroupDetectedRegexp = regexp.MustCompile(`[^a-z0-9_-]+`)
 
 func hostInfoRespToGroups(resp safcm.MsgInfoResp) []string {
        groups := []string{
-               config.GroupDetectedPrefix + "_" + resp.Goos,
-               config.GroupDetectedPrefix + "_" + resp.Goarch,
+               hostInfoDetectedGroupName(resp.Goos),
+               hostInfoDetectedGroupName(resp.Goarch),
        }
        for _, x := range resp.Output {
+               groups = append(groups, hostInfoDetectedGroupName(x))
+       }
+       return groups
+}
+
+func hostInfoDetectedGroupName(x string) string {
                x = strings.TrimSpace(x)
                x = strings.ToLower(x)
                x = infoGroupDetectedRegexp.ReplaceAllString(x, "_")
-               groups = append(groups, config.GroupDetectedPrefix+"_"+x)
-       }
-       return groups
+       x = config.GroupDetectedPrefix + "_" + x
+       return x
 }

diff --git a/cmd/safcm/sync_info_test.go b/cmd/safcm/sync_info_test.go
index 7ad13c9fd01084e6c54c9915cf418b9f9d57e663..b1da4c1d87c42d22ed24b66a34b4f0e610f53c67 100644 (file)
--- a/cmd/safcm/sync_info_test.go
+++ b/cmd/safcm/sync_info_test.go
@@ -63,6 +63,19 @@ func TestHostInfoRespToGroups(t *testing.T) {
                                "detected_with_utf-8_hello_",
                        },
                },
+
+               {
+                       "invalid goos/goarch",
+                       safcm.MsgInfoResp{
+                               Goos:   " INVALID goos! ",
+                               Goarch: "Hello, 世界",
+                               Output: nil,
+                       },
+                       []string{
+                               "detected_invalid_goos_",
+                               "detected_hello_",
+                       },
+               },
        }
 
        for _, tc := range tests {