Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ANSI escape characters in kubectl output annotation are not being filtered - #107617

Closed
zishen opened this issue Jan 18, 2022 · 8 comments
Closed

ANSI escape characters in kubectl output annotation are not being filtered - #107617

zishen opened this issue Jan 18, 2022 · 8 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. triage/accepted Indicates an issue or PR is ready to be actively worked on. triage/duplicate Indicates an issue is a duplicate of other open issue.

Comments

@zishen
Copy link

zishen commented Jan 18, 2022

What happened?

The same phenomenon with #101695 ,but in pod and node annotation.

What did you expect to happen?

The ANSI escape characters will be filtered so they couldn't affect the terminal (i.e. using embeded ANSI colors won't do anything to the terminal).

How can we reproduce it (as minimally and precisely as possible)?

run this :
pod:
1-pod
describe the pod:
Uploading 2-describe.png…

Anything else we need to know?

ANSI escape characters were used to abuse terminals emulators and even cause code execution if the terminal is vulnerable(like CVE-2021-25743)

Kubernetes version

Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-25T14:58:59Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-25T14:50:46Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}

Cloud provider

Huwei

OS version

# On Linux:
$ cat /etc/os-release
# paste output here
$ uname -a
# paste output here

# On Windows:
C:\> wmic os get Caption, Version, BuildNumber, OSArchitecture
# paste output here

Install tools

Container runtime (CRI) and and version (if applicable)

Related plugins (CNI, CSI, ...) and versions (if applicable)
@zishen zishen added the kind/bug Categorizes issue or PR as related to a bug. label Jan 18, 2022
@k8s-ci-robot k8s-ci-robot added needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 18, 2022
@zishen
Copy link
Author

zishen commented Jan 18, 2022

/sig api-machinery

@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Jan 18, 2022
@neolit123
Copy link
Member

Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-25T14:58:59Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.0", GitCommit:"9e991415386e4cf155a24b1da15becaa390438d8", GitTreeState:"clean", BuildDate:"2020-03-25T14:50:46Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}

1.18 is out of support. is this reproducible with >= 1.20?

/sig cli
(for kubectl)

@k8s-ci-robot k8s-ci-robot added the sig/cli Categorizes an issue or PR as relevant to SIG CLI. label Jan 18, 2022
@zishen
Copy link
Author

zishen commented Jan 19, 2022

yes, the same in v1.22.2

@liggitt
Copy link
Member

liggitt commented Jan 19, 2022

I think we only need a single issue to track this.

@liggitt
Copy link
Member

liggitt commented Jan 19, 2022

/close
in favor of #101695

@k8s-ci-robot
Copy link
Contributor

@liggitt: Closing this issue.

In response to this:

/close
in favor of #101695

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@liggitt liggitt mentioned this issue Jan 19, 2022
Closed
@sftim
Copy link
Contributor

sftim commented Jan 20, 2022

/triage duplicate

@k8s-ci-robot k8s-ci-robot added the triage/duplicate Indicates an issue is a duplicate of other open issue. label Jan 20, 2022
@fedebongio
Copy link
Contributor

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 20, 2022
@dgl dgl mentioned this issue Sep 19, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/cli Categorizes an issue or PR as relevant to SIG CLI. triage/accepted Indicates an issue or PR is ready to be actively worked on. triage/duplicate Indicates an issue is a duplicate of other open issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@neolit123 @liggitt @fedebongio @zishen @k8s-ci-robot @sftim