Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

If aws_secret_access_key is /\d{40}/, it becomes IntegerType #2253

Closed
ngsw opened this issue Nov 3, 2018 · 4 comments
Closed

If aws_secret_access_key is /\d{40}/, it becomes IntegerType #2253

ngsw opened this issue Nov 3, 2018 · 4 comments
Labels
bug This issue is a bug.

Comments

@ngsw
Copy link
Contributor

ngsw commented Nov 3, 2018

Please fill out the sections below to help us address your issue.

Version of AWS SDK for Go?

  • v1.15.68

Version of Go (go version)?

  • go version go1.11.1 darwin/amd64

What issue did you see?

Steps to reproduce

~/.aws/credentials

[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = 0123456789012345678901234567890123456789

  add_config 'secrets.patterns' "${opt_quote}${aws}(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)${opt_quote}${connect}${opt_quote}[A-Za-z0-9/\+=]{40}${opt_quote}"

reproduce.go

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/ec2"
)

const (
	region = "ap-northeast-1"
)

func errPanic(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	profiles := []string{""}
	for _, profile := range profiles {
		cred := credentials.NewSharedCredentials("", profile)

		sess, err := session.NewSession(&aws.Config{
			Credentials: cred,
			Region:      aws.String(region),
		})
		errPanic(err)  // Panic!!

		svc := ec2.New(sess)
		_, err = svc.DescribeInstances(nil)
		errPanic(err)
	}
}

$ go run reproduce.go
panic: SharedConfigLoadError: failed to load config file, /Users/ngsw/.aws/credentials
caused by: strconv.ParseInt: parsing "0123456789012345678901234567890123456789": value out of range

goroutine 1 [running]:
main.errPanic(...)
        /Users/ngsw/REPO/GO_Dropbox/ec2Tmp.go:16
main.main()
        /Users/ngsw/REPO/GO_Dropbox/ec2Tmp.go:30 +0x2b6
exit status 2
@ngsw
Copy link
Contributor Author

ngsw commented Nov 3, 2018

🤔.oO(but maybe no one is in trouble……)

@ngsw ngsw mentioned this issue Nov 3, 2018
Closed
@xibz xibz mentioned this issue Nov 3, 2018
Merged
@xibz xibz added the bug This issue is a bug. label Nov 3, 2018
@xibz
Copy link
Contributor

xibz commented Nov 3, 2018

Hello @ngsw, thank you for reaching out to us and reporting this. I've went ahead and created a PR, #2255, that addresses this. I don't think we should be limiting this check to just a specific key. Please let me know if you have any additional issues.

@ngsw
Copy link
Contributor Author

ngsw commented Nov 3, 2018

@xibz thank you :-)

@ngsw ngsw closed this as completed Nov 3, 2018
@xibz
Copy link
Contributor

xibz commented Nov 5, 2018

@ngsw - We just merged #2255 in. If you have any additional issues, please let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue is a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ngsw @xibz