Restrict the length of JSON output indent to 32 #288
Conversation
src/ipahealthcheck/core/output.py
Outdated
| @@ -16,6 +17,26 @@ class OutputRegistry(Registry): | |||
| output_registry = OutputRegistry() | |||
|
|
|||
|
|
|||
| class Int: | |||
| def __init__(self, minimum=0, maximum=0): | |||
There was a problem hiding this comment.
The default value maximum=0 currently does not cause any issue because the only use of this class is setting maximum=32. But for future uses, creating an Int() without parameters would result in only the 0 value allowed. By default it would make more sense to have default maximum=a non-null value.
A check to ensure that minimum < maximum could be added.
There was a problem hiding this comment.
Yeah I guess. I like to give folks a lot of rope to hang themselves with but I can set a reasonable minimum, I just don't know what this might be used for in the future so whatever I choose will be wrong. But it doesn't have to be a gotcha I guess.
Too big a value and the system will exhause memory. Normally I trust users not to do things like but it doesn't hurt to constrain sometimes. Fixes: freeipa#197 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
There was a problem hiding this comment.
@rcritten
thanks for the PR, works for me.
Tested with out of range /invalid values:
# ipa-healthcheck --indent -1
usage: ipa-healthcheck [-h] [--config CONFIG] [--verbose] [--debug] [--list-sources] [--source SOURCE] [--check CHECK]
[--output-type {json,human,prometheus}] [--output-file OUTPUT_FILE] [--version] [--indent INDENT]
[--metric-prefix METRIC_PREFIX] [--input-file INFILE] [--failures-only] [--all] [--severity {SUCCESS,WARNING,ERROR,CRITICAL}]
ipa-healthcheck: error: argument --indent: '-1' is not in the range 0-32
# ipa-healthcheck --indent 33
usage: ipa-healthcheck [-h] [--config CONFIG] [--verbose] [--debug] [--list-sources] [--source SOURCE] [--check CHECK]
[--output-type {json,human,prometheus}] [--output-file OUTPUT_FILE] [--version] [--indent INDENT]
[--metric-prefix METRIC_PREFIX] [--input-file INFILE] [--failures-only] [--all] [--severity {SUCCESS,WARNING,ERROR,CRITICAL}]
ipa-healthcheck: error: argument --indent: '33' is not in the range 0-32
# ipa-healthcheck --indent a
usage: ipa-healthcheck [-h] [--config CONFIG] [--verbose] [--debug] [--list-sources] [--source SOURCE] [--check CHECK]
[--output-type {json,human,prometheus}] [--output-file OUTPUT_FILE] [--version] [--indent INDENT]
[--metric-prefix METRIC_PREFIX] [--input-file INFILE] [--failures-only] [--all] [--severity {SUCCESS,WARNING,ERROR,CRITICAL}]
ipa-healthcheck: error: argument --indent: 'a' is not an integer
Too big a value and the system will exhause memory. Normally I trust users not to do things like but it doesn't hurt to constrain sometimes.
Fixes: #197