packages/grafana
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
grafana/CVE-2022-21673.patch
wk333 d6e1573827 Fix CVE-2022-21673
2022-01-27 10:04:52 +08:00

213 lines
10 KiB
Diff
Raw Blame History

From bb0cfbc1d9ee75ba9c1068276e490e2868bb112f Mon Sep 17 00:00:00 2001
From: Dimitris Sotirakis <dimitrios.sotirakis@grafana.com>
Date: Tue, 18 Jan 2022 10:51:10 +0200
Subject: [PATCH] [v7.5.x] GetUserInfo: return an error if no user was found
(#212)
* Update grabpl version
* return an error if no user was found
(cherry picked from commit b9d3b9b5a40d8aad0adadd6d278427320fb4aebe)
* also if authid is empty
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
---
.drone.yml | 36 +++++++++++++++---------------
pkg/services/sqlstore/user_auth.go | 4 ++++
scripts/lib.star | 2 +-
3 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/.drone.yml b/.drone.yml
index 55dd0893c30e8..6da4e5b76fb1a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -17,7 +17,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
@@ -266,7 +266,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
@@ -605,7 +605,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
@@ -654,7 +654,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
environment:
@@ -742,7 +742,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version ${DRONE_TAG}
@@ -1056,7 +1056,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
@@ -1106,7 +1106,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
@@ -1503,7 +1503,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout ${DRONE_TAG}
@@ -1568,7 +1568,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version ${DRONE_TAG}
@@ -1676,7 +1676,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version v7.3.0-test
@@ -1979,7 +1979,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
@@ -2029,7 +2029,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
@@ -2420,7 +2420,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout main
@@ -2485,7 +2485,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version v7.3.0-test
@@ -2593,7 +2593,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
@@ -2871,7 +2871,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
@@ -2917,7 +2917,7 @@ steps:
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/grabpl
+ - curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
@@ -3311,7 +3311,7 @@ steps:
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.58/windows/grabpl.exe -OutFile grabpl.exe
+ - Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.5.59/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout $$env:DRONE_BRANCH
diff --git a/pkg/services/sqlstore/user_auth.go b/pkg/services/sqlstore/user_auth.go
index 0bef79e160048..9605ccce76a83 100644
--- a/pkg/services/sqlstore/user_auth.go
+++ b/pkg/services/sqlstore/user_auth.go
@@ -142,6 +142,10 @@ func GetExternalUserInfoByLogin(query *models.GetExternalUserInfoByLoginQuery) e
}
func GetAuthInfo(query *models.GetAuthInfoQuery) error {
+ if query.UserId == 0 && query.AuthId == "" {
+ return models.ErrUserNotFound
+ }
+
userAuth := &models.UserAuth{
UserId: query.UserId,
AuthModule: query.AuthModule,
diff --git a/scripts/lib.star b/scripts/lib.star
index e115fe363cbca..da1291f102166 100644
--- a/scripts/lib.star
+++ b/scripts/lib.star
@@ -1,4 +1,4 @@
-grabpl_version = '0.5.58'
+grabpl_version = '0.5.59'
build_image = 'grafana/build-container:1.4.1'
publish_image = 'grafana/grafana-ci-deploy:1.3.1'
grafana_docker_image = 'grafana/drone-grafana-docker:0.3.2'
Reference in New Issue View Git Blame Copy Permalink