fix: validate path for getHomeDirectory

packages/core/src/auth/credentials/sharedCredentialsFile.ts

@@ -8,15 +8,24 @@
 import { join } from 'path'
 import { EnvironmentVariables } from '../../shared/environmentVariables'
 import { SystemUtilities } from '../../shared/systemUtilities'
+import { isValidPath } from '../../shared/utilities/pathUtils'
 
 export function getCredentialsFilename(): string {
     const env = process.env as EnvironmentVariables
 
-    return env.AWS_SHARED_CREDENTIALS_FILE || join(SystemUtilities.getHomeDirectory(), '.aws', 'credentials')
+    if (env.AWS_SHARED_CREDENTIALS_FILE && isValidPath(env.AWS_SHARED_CREDENTIALS_FILE)) {
+        return env.AWS_SHARED_CREDENTIALS_FILE
+    }
+
+    return join(SystemUtilities.getHomeDirectory(), '.aws', 'credentials')
 }
 
 export function getConfigFilename(): string {
     const env = process.env as EnvironmentVariables
 
-    return env.AWS_CONFIG_FILE || join(SystemUtilities.getHomeDirectory(), '.aws', 'config')
+    if (env.AWS_CONFIG_FILE && isValidPath(env.AWS_CONFIG_FILE)) {
+        return env.AWS_CONFIG_FILE
+    }
+
+    return join(SystemUtilities.getHomeDirectory(), '.aws', 'config')
 }

packages/core/src/shared/systemUtilities.ts

@@ -16,6 +16,7 @@ import { isCloud9 } from './extensionUtilities'
 import { Settings } from './settings'
 import { PermissionsError, PermissionsTriplet, isFileNotFoundError, isNoPermissionsError } from './errors'
 import globals, { isWeb } from './extensionGlobals'
+import { isValidPath } from './utilities/pathUtils'
 
 export function createPermissionsErrorHandler(
     uri: vscode.Uri,
@@ -60,13 +61,13 @@ export class SystemUtilities {
 
         const env = process.env as EnvironmentVariables
 
-        if (env.HOME !== undefined) {
+        if (env.HOME && isValidPath(env.HOME)) {
             return env.HOME
         }
-        if (env.USERPROFILE !== undefined) {
+        if (env.USERPROFILE && isValidPath(env.USERPROFILE)) {
             return env.USERPROFILE
         }
-        if (env.HOMEPATH !== undefined) {
+        if (env.HOMEPATH && isValidPath(env.HOMEPATH)) {
             const homeDrive: string = env.HOMEDRIVE || 'C:'
 
             return path.join(homeDrive, env.HOMEPATH)

packages/core/src/shared/utilities/pathUtils.ts

@@ -5,6 +5,8 @@
 
 import * as os from 'os'
 import * as _path from 'path'
+import { getLogger } from '../logger'
+import { isWeb } from '../extensionGlobals'
 
 export const driveLetterRegex = /^[a-zA-Z]\:/
 
@@ -126,3 +128,24 @@ export function getDriveLetter(path: string): string {
 
     return fullpath.substring(0, 1)
 }
+
+/**
+ * Checks if the provided path is valid and exists.
+ * @todo: Migrate fs.existsSync to fsCommon.exists
+ *
+ * @param {string} [path] - The path to be checked. If not provided, defaults to an empty string.
+ * @returns {boolean} Returns true if the path is valid and exists, otherwise returns false.
+ */
+export function isValidPath(path?: string): boolean {
+    if (isWeb()) {
+        return !!path
+    }
+
+    const fs = require('fs-extra')
+
+    if (path && path.length !== 0 && fs.existsSync(_path.resolve(path))) {
+        return true
+    }
+    getLogger().error('Invalid path %s', path)
+    return false
+}

packages/core/src/test/credentials/sharedCredentials.test.ts

@@ -6,6 +6,8 @@
 import assert from 'assert'
 import * as path from 'path'
 import * as fs from 'fs-extra'
+import * as sinon from 'sinon'
+import * as pathUtils from '../../shared/utilities/pathUtils'
 import { EnvironmentVariables } from '../../shared/environmentVariables'
 import { makeTemporaryToolkitFolder } from '../../shared/filesystemUtilities'
 import { getCredentialsFilename, getConfigFilename } from '../../auth/credentials/sharedCredentialsFile'
@@ -17,6 +19,7 @@ describe('sharedCredentials', function () {
         // Make a temp folder for all these tests
         // Stick some temp credentials files in there to load from
         tempFolder = await makeTemporaryToolkitFolder()
+        sinon.stub(pathUtils, 'isValidPath').returns(true)
     })
 
     afterEach(async function () {
@@ -27,6 +30,7 @@ describe('sharedCredentials', function () {
 
     after(async function () {
         await fs.remove(tempFolder)
+        sinon.restore()
     })
 
     describe('getCredentialsFilename', function () {

packages/core/src/test/shared/credentials/userCredentialsUtils.test.ts

@@ -19,17 +19,28 @@ import {
 import { UserCredentialsUtils } from '../../../shared/credentials/userCredentialsUtils'
 import { EnvironmentVariables } from '../../../shared/environmentVariables'
 import { makeTemporaryToolkitFolder } from '../../../shared/filesystemUtilities'
+import * as pathUtils from '../../../shared/utilities/pathUtils'
+import { getConfigFilename, getCredentialsFilename } from '../../../auth/credentials/sharedCredentialsFile'
 
 describe('UserCredentialsUtils', function () {
     let tempFolder: string
+    const defaultConfigFileName = getConfigFilename()
+    const defaultCredentialsFilename = getCredentialsFilename()
 
     before(async function () {
         // Make a temp folder for all these tests
         // Stick some temp credentials files in there to load from
         tempFolder = await makeTemporaryToolkitFolder()
+        sinon.stub(pathUtils, 'isValidPath').returns(true)
     })
 
     afterEach(async function () {
+        if (fs.existsSync(defaultConfigFileName)) {
+            await fs.rm(defaultConfigFileName)
+        }
+        if (fs.existsSync(defaultCredentialsFilename)) {
+            await fs.rm(defaultCredentialsFilename)
+        }
         sinon.restore()
     })
 
@@ -113,6 +124,7 @@ describe('UserCredentialsUtils', function () {
                 profileName: profileName,
                 secretKey: 'ABC',
             }
+            createCredentialsFile(credentialsFilename, [profileName])
             await UserCredentialsUtils.generateCredentialsFile(creds)
 
             const sharedConfigFiles = await loadSharedConfigFiles({ credentials: Uri.file(credentialsFilename) })

packages/core/src/test/shared/systemUtilities.test.ts

@@ -8,8 +8,10 @@ import * as vscode from 'vscode'
 import * as fs from 'fs-extra'
 import * as os from 'os'
 import * as path from 'path'
+import * as sinon from 'sinon'
 import * as utils from 'util'
 
+import * as pathUtils from '../../shared/utilities/pathUtils'
 import { EnvironmentVariables } from '../../shared/environmentVariables'
 import { makeTemporaryToolkitFolder } from '../../shared/filesystemUtilities'
 import { SystemUtilities } from '../../shared/systemUtilities'
@@ -23,10 +25,12 @@ describe('SystemUtilities', function () {
         // Make a temp folder for all these tests
         // Stick some temp credentials files in there to load from
         tempFolder = await makeTemporaryToolkitFolder()
+        sinon.stub(pathUtils, 'isValidPath').returns(true)
     })
 
     after(async function () {
         await fs.remove(tempFolder)
+        sinon.restore()
     })
 
     describe('getHomeDirectory', function () {