From 492a69650e73bb25c5a65e769037ec1ede837bd4 Mon Sep 17 00:00:00 2001 From: parkiino Date: Tue, 15 Apr 2025 00:01:09 -0400 Subject: [PATCH 1/4] fixed the regex to not include single / as valid path --- .../kbn-securitysolution-utils/src/path_validations/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts index 965a5b9fbe0fe..d6eb0bb8848b0 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts @@ -184,7 +184,7 @@ const doesPathMatchRegex = ({ os, value }: { os: OperatingSystem; value: string /^[a-z]:(?:|\\\\[^<>:"'/\\|?*]+\\[^<>:"'/\\|?*]+|%\w+%|)[\\](?:[^<>:"'/\\|?*]+[\\/])*([^<>:"'/\\|?*])+$/i; return filePathRegex.test(value); } - return /^(\/|(\/[\w\-]+)+|\/[\w\-]+\.[\w]+|(\/[\w-]+)+\/[\w\-]+\.[\w]+)$/i.test(value); + return /^((\/[\w\-]+)+|\/[\w\-]+\.[\w]+|(\/[\w-]+)+\/[\w\-]+\.[\w]+)$/i.test(value); }; const isWindowsWildcardPathValid = (path: string): boolean => { From ce8df189ebdd9788b3f308aa9ed67bea4fb1300c Mon Sep 17 00:00:00 2001 From: parkiino Date: Tue, 15 Apr 2025 11:28:15 -0400 Subject: [PATCH 2/4] fix test --- .../src/path_validations/index.test.ts | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts index 5304c3a710613..2c4658c6e935e 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts @@ -566,17 +566,6 @@ describe('Acceptable Mac/Linux wildcard paths', () => { }); describe('Acceptable Mac/Linux exact paths', () => { - it('should accept paths when it is the root path', () => { - expect( - isPathValid({ - os: OperatingSystem.LINUX, - field: ConditionEntryField.PATH, - type: 'match', - value: '/', - }) - ).toEqual(true); - }); - it('should accept paths when it ends with a file name', () => { expect( isPathValid({ @@ -625,6 +614,17 @@ describe('Acceptable Mac/Linux exact paths with hyphens', () => { }); describe('Unacceptable Mac/Linux exact paths', () => { + it('should not accept paths when it is the root path', () => { + expect( + isPathValid({ + os: OperatingSystem.LINUX, + field: ConditionEntryField.PATH, + type: 'match', + value: '/', + }) + ).toEqual(false); + }); + it('should not accept paths with \\', () => { expect( isPathValid({ From 06b610598b73b221cff0ecc13990af38444633e0 Mon Sep 17 00:00:00 2001 From: parkiino Date: Fri, 25 Apr 2025 22:48:27 -0400 Subject: [PATCH 3/4] revert changes and add in ashs code --- .../src/path_validations/index.test.ts | 22 +++++++------- .../src/path_validations/index.ts | 8 ++--- .../view/components/form.test.tsx | 30 +++++++++++++++++++ .../trusted_apps/view/components/form.tsx | 16 ++++++---- 4 files changed, 55 insertions(+), 21 deletions(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts index 2c4658c6e935e..5304c3a710613 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.test.ts @@ -566,6 +566,17 @@ describe('Acceptable Mac/Linux wildcard paths', () => { }); describe('Acceptable Mac/Linux exact paths', () => { + it('should accept paths when it is the root path', () => { + expect( + isPathValid({ + os: OperatingSystem.LINUX, + field: ConditionEntryField.PATH, + type: 'match', + value: '/', + }) + ).toEqual(true); + }); + it('should accept paths when it ends with a file name', () => { expect( isPathValid({ @@ -614,17 +625,6 @@ describe('Acceptable Mac/Linux exact paths with hyphens', () => { }); describe('Unacceptable Mac/Linux exact paths', () => { - it('should not accept paths when it is the root path', () => { - expect( - isPathValid({ - os: OperatingSystem.LINUX, - field: ConditionEntryField.PATH, - type: 'match', - value: '/', - }) - ).toEqual(false); - }); - it('should not accept paths with \\', () => { expect( isPathValid({ diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts index d6eb0bb8848b0..4835cbf20fb38 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-utils/src/path_validations/index.ts @@ -184,7 +184,7 @@ const doesPathMatchRegex = ({ os, value }: { os: OperatingSystem; value: string /^[a-z]:(?:|\\\\[^<>:"'/\\|?*]+\\[^<>:"'/\\|?*]+|%\w+%|)[\\](?:[^<>:"'/\\|?*]+[\\/])*([^<>:"'/\\|?*])+$/i; return filePathRegex.test(value); } - return /^((\/[\w\-]+)+|\/[\w\-]+\.[\w]+|(\/[\w-]+)+\/[\w\-]+\.[\w]+)$/i.test(value); + return /^(\/|(\/[\w\-]+)+|\/[\w\-]+\.[\w]+|(\/[\w-]+)+\/[\w\-]+\.[\w]+)$/i.test(value); }; const isWindowsWildcardPathValid = (path: string): boolean => { @@ -199,7 +199,7 @@ const isWindowsWildcardPathValid = (path: string): boolean => { trimmedValue.length !== path.length || firstCharacter === '^' || lastCharacter === '\\' || - !hasWildcard({ path, isWindowsPath: true }) + !hasWildcardInPath({ path, isWindowsPath: true }) ) { return false; } else { @@ -219,7 +219,7 @@ const isLinuxMacWildcardPathValid = (path: string): boolean => { lastCharacter === '/' || path.length > 1024 === true || path.includes('//') === true || - !hasWildcard({ path, isWindowsPath: false }) + !hasWildcardInPath({ path, isWindowsPath: false }) ) { return false; } else { @@ -227,7 +227,7 @@ const isLinuxMacWildcardPathValid = (path: string): boolean => { } }; -const hasWildcard = ({ +const hasWildcardInPath = ({ path, isWindowsPath, }: { diff --git a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx index 469bfd7c0978c..1b39820ae7115 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx @@ -316,6 +316,36 @@ describe('Trusted apps form', () => { expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); }); + it('should show path malformed path warning for linux/mac without an executable name', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + + const propsItem: Partial = { + os_types: [OperatingSystem.LINUX], + entries: [createEntry(ConditionEntryField.PATH, 'match', '/')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + }); + + it('should show path malformed path warning for windows with no executable name', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + + const propsItem: Partial = { + os_types: [OperatingSystem.WINDOWS], + entries: [createEntry(ConditionEntryField.PATH, 'match', 'c:\\fold\\')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + }); + it('should show wildcard in path warning', () => { render(); expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); diff --git a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.tsx b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.tsx index 503a4ae7508b7..193f2042a669f 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.tsx @@ -195,12 +195,16 @@ const validateValues = (values: ArtifactFormComponentProps['item']): ValidationR type: entry.type as EntryTypes, }) ) { - addResultToValidation( - validation, - 'entries', - 'warnings', - INPUT_ERRORS.wildcardPathWarning(index) - ); + if (entry.type === 'wildcard') { + addResultToValidation( + validation, + 'entries', + 'warnings', + INPUT_ERRORS.wildcardPathWarning(index) + ); + } else { + addResultToValidation(validation, 'entries', 'warnings', INPUT_ERRORS.pathWarning(index)); + } } }); } From 931f0427b9c754b503c6c728b378383c29a5267f Mon Sep 17 00:00:00 2001 From: parkiino Date: Fri, 2 May 2025 16:16:12 -0400 Subject: [PATCH 4/4] rearrange tests --- .../view/components/form.test.tsx | 98 ++++++++++--------- 1 file changed, 51 insertions(+), 47 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx index 1b39820ae7115..99701bb082762 100644 --- a/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx +++ b/x-pack/solutions/security/plugins/security_solution/public/management/pages/trusted_apps/view/components/form.test.tsx @@ -304,59 +304,63 @@ describe('Trusted apps form', () => { expect(getConditionValue(getCondition()).required).toEqual(true); }); - it('should show path malformed warning', () => { - render(); - expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); - - const propsItem: Partial = { - entries: [createEntry(ConditionEntryField.PATH, 'match', 'malformed-path')], - }; - formProps.item = { ...formProps.item, ...propsItem }; - render(); - expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); - }); - - it('should show path malformed path warning for linux/mac without an executable name', () => { - render(); - expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); - expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + describe('IS operator', () => { + it('should show path malformed warning', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); + + const propsItem: Partial = { + entries: [createEntry(ConditionEntryField.PATH, 'match', 'malformed-path')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); + }); - const propsItem: Partial = { - os_types: [OperatingSystem.LINUX], - entries: [createEntry(ConditionEntryField.PATH, 'match', '/')], - }; - formProps.item = { ...formProps.item, ...propsItem }; - render(); - expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); - expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); - }); + it('should show path malformed path warning for linux/mac without an executable name', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); - it('should show path malformed path warning for windows with no executable name', () => { - render(); - expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); - expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + const propsItem: Partial = { + os_types: [OperatingSystem.LINUX], + entries: [createEntry(ConditionEntryField.PATH, 'match', '/')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + }); - const propsItem: Partial = { - os_types: [OperatingSystem.WINDOWS], - entries: [createEntry(ConditionEntryField.PATH, 'match', 'c:\\fold\\')], - }; - formProps.item = { ...formProps.item, ...propsItem }; - render(); - expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); - expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + it('should show path malformed path warning for windows with no executable name', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.pathWarning(0))).toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + + const propsItem: Partial = { + os_types: [OperatingSystem.WINDOWS], + entries: [createEntry(ConditionEntryField.PATH, 'match', 'c:\\fold\\')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.pathWarning(0))).not.toBeNull(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + }); }); - it('should show wildcard in path warning', () => { - render(); - expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); + describe('MATCHES operator', () => { + it('should show wildcard in path warning', () => { + render(); + expect(screen.queryByText(INPUT_ERRORS.wildcardPathWarning(0))).toBeNull(); - const propsItem: Partial = { - os_types: [OperatingSystem.LINUX], - entries: [createEntry(ConditionEntryField.PATH, 'wildcard', '/sys/wil*/*.app')], - }; - formProps.item = { ...formProps.item, ...propsItem }; - render(); - expect(screen.getByText(INPUT_ERRORS.wildcardPathWarning(0))).not.toBeNull(); + const propsItem: Partial = { + os_types: [OperatingSystem.LINUX], + entries: [createEntry(ConditionEntryField.PATH, 'wildcard', '/sys/wil*/*.app')], + }; + formProps.item = { ...formProps.item, ...propsItem }; + render(); + expect(screen.getByText(INPUT_ERRORS.wildcardPathWarning(0))).not.toBeNull(); + }); }); it('should display the `AND` button', () => {