-
Notifications
You must be signed in to change notification settings - Fork 13
Expand file tree
/
Copy path022-github-actions-command-injection-via-timeout-test-name.patch
More file actions
53 lines (52 loc) · 1.87 KB
/
Copy path022-github-actions-command-injection-via-timeout-test-name.patch
File metadata and controls
53 lines (52 loc) · 1.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
diff --git a/src/runtime/cli/test_command.rs b/src/runtime/cli/test_command.rs
index 70691b02a4..1c3f895c30 100644
--- a/src/runtime/cli/test_command.rs
+++ b/src/runtime/cli/test_command.rs
@@ -199,7 +199,38 @@ pub fn escape_xml(str_: &[u8], writer: &mut impl bun_io::Write) -> Result<(), bu
Ok(())
}
-fn fmt_status_text_line(
+struct GithubActionProperty<'a>(&'a [u8]);
+
+impl core::fmt::Display for GithubActionProperty<'_> {
+ fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+ let mut last: usize = 0;
+ for (i, byte) in self.0.iter().copied().enumerate() {
+ let escaped = match byte {
+ b'%' => "%25",
+ b'\r' => "%0D",
+ b'\n' => "%0A",
+ b':' => "%3A",
+ b',' => "%2C",
+ _ => continue,
+ };
+ if i > last {
+ write!(f, "{}", bstr::BStr::new(&self.0[last..i]))?;
+ }
+ f.write_str(escaped)?;
+ last = i + 1;
+ }
+ if last < self.0.len() {
+ write!(f, "{}", bstr::BStr::new(&self.0[last..]))?;
+ }
+ Ok(())
+ }
+}
+
+fn github_action_property(value: &[u8]) -> GithubActionProperty<'_> {
+ GithubActionProperty(value)
+}
+
+fn fmt_status_text_line(
status: bun_test::Execution::Result,
emoji_or_color: bool,
) -> Output::PrettyBuf {
@@ -951,7 +982,7 @@ impl CommandLineReporter {
if Output::is_github_action() {
Output::print_error(format_args!(
"::error title=error: Test \"{}\" timed out after {}ms::\n",
- bstr::BStr::new(display_label),
+ github_action_property(display_label),
test_entry.timeout
));
Output::flush();