(FACT-1373) Prevent fact calls from external facts

Prior to this commit, it was possible to make a facter call from within an external fact. This would result in a fork bomb where facter would be constantly calling into itself. In order to prevent this, set an environment variable that allows us to ensure facter is not already running when we make the call to evaluate external facts.
puppetlabs · May 9, 2016 · 9f03658 · 9f03658
1 parent be447f8
commit 9f03658
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/exe/facter.cc b/exe/facter.cc
@@ -2,6 +2,8 @@
 #include <facter/logging/logging.hpp>
 #include <facter/facts/collection.hpp>
 #include <facter/ruby/ruby.hpp>
+#include <leatherman/logging/logging.hpp>
+#include <leatherman/util/environment.hpp>
 #include <leatherman/util/scope_exit.hpp>
 #include <boost/algorithm/string.hpp>
 // Note the caveats in nowide::cout/cerr; they're not synchronized with stdio.
@@ -25,8 +27,10 @@
 using namespace std;
 using namespace facter::facts;
 using namespace facter::logging;
+using leatherman::util::environment;
 namespace po = boost::program_options;
 
+
 void help(po::options_description& desc)
 {
     boost::nowide::cout <<
@@ -251,7 +255,15 @@ int main(int argc, char **argv)
         facts.add_default_facts(ruby);
 
         if (!vm.count("no-external-facts")) {
+          string inside_facter;
+          environment::get("INSIDE_FACTER", inside_facter);
+
+          if (inside_facter == "true") {
+            LOG_WARNING("Facter was called recursively, skipping external facts. Add '--no-external-facts' to silence this warning");
+          } else {
+            environment::set("INSIDE_FACTER", "true");
             facts.add_external_facts(external_directories);
+          }
         }
 
         // Add the environment facts