fix cmd injection (#402)

sirdarckcat · web-flow · commit 4382f9119a87 · 2023-07-17T09:22:39.000+02:00
* fix cmd injection

see b/289980058

* Automated commit: update images.
diff --git a/.github/workflows/update-images.yaml b/.github/workflows/update-images.yaml
@@ -329,6 +329,8 @@ jobs:
         done
 
     - name: Commit
+      env:
+        SUBMITTER: ${{ github.event.head_commit.author.email }}
       run: |
         # git add returns success for files that exist and haven't been modified
         git add kctf-operator/resources/constants.go
@@ -344,7 +346,7 @@ jobs:
           git add "${dir}/healthcheck/Dockerfile" 2>&1 || true
         done
         git status
-        git config user.email ${{ github.event.head_commit.author.email }}
+        git config user.email "$SUBMITTER"
         git config user.name "GitHub Action"
         if git commit -m "Automated commit: update images."; then
           git push
diff --git a/dist/challenge-templates/pwn/challenge/Dockerfile b/dist/challenge-templates/pwn/challenge/Dockerfile
@@ -18,7 +18,7 @@ RUN /usr/sbin/useradd --no-create-home -u 1000 user
 COPY flag /
 COPY chal /home/user/
 
-FROM gcr.io/kctf-docker/challenge@sha256:0f7d757bcda470c3bbc063606335b915e03795d72ba1d8fdb6f0f9ff3757364f
+FROM gcr.io/kctf-docker/challenge@sha256:eb0f8c3b97460335f9820732a42702c2fa368f7d121a671c618b45bbeeadab28
 
 COPY --from=chroot / /chroot
 
diff --git a/dist/challenge-templates/pwn/healthcheck/Dockerfile b/dist/challenge-templates/pwn/healthcheck/Dockerfile
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM gcr.io/kctf-docker/healthcheck@sha256:6709709a8cfd6e2d743c86d58398c00ca4eb26befd3b1a0a629ab35f91e98ef0
+FROM gcr.io/kctf-docker/healthcheck@sha256:35a21466f658914ad33b700c2b1c938ed6ec739ecf73c8766ab565509d203660
 
 COPY healthcheck_loop.sh healthcheck.py healthz_webserver.py /home/user/
 
diff --git a/dist/challenge-templates/web/challenge/Dockerfile b/dist/challenge-templates/web/challenge/Dockerfile
@@ -40,7 +40,7 @@ COPY web-servers /web-servers
 
 COPY flag /
 
-FROM gcr.io/kctf-docker/challenge@sha256:0f7d757bcda470c3bbc063606335b915e03795d72ba1d8fdb6f0f9ff3757364f
+FROM gcr.io/kctf-docker/challenge@sha256:eb0f8c3b97460335f9820732a42702c2fa368f7d121a671c618b45bbeeadab28
 
 RUN apt-get update \
     && DEBIAN_FRONTEND=noninteractive apt-get install -yq --no-install-recommends tzdata apache2 \
diff --git a/dist/challenge-templates/web/healthcheck/Dockerfile b/dist/challenge-templates/web/healthcheck/Dockerfile
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM gcr.io/kctf-docker/healthcheck@sha256:6709709a8cfd6e2d743c86d58398c00ca4eb26befd3b1a0a629ab35f91e98ef0
+FROM gcr.io/kctf-docker/healthcheck@sha256:35a21466f658914ad33b700c2b1c938ed6ec739ecf73c8766ab565509d203660
 
 COPY healthcheck_loop.sh healthcheck.py healthz_webserver.py /home/user/
 
diff --git a/dist/challenge-templates/xss-bot/challenge/Dockerfile b/dist/challenge-templates/xss-bot/challenge/Dockerfile
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM gcr.io/kctf-docker/challenge@sha256:0f7d757bcda470c3bbc063606335b915e03795d72ba1d8fdb6f0f9ff3757364f
+FROM gcr.io/kctf-docker/challenge@sha256:eb0f8c3b97460335f9820732a42702c2fa368f7d121a671c618b45bbeeadab28
 
 RUN apt-get update && apt-get install -y gnupg2 wget
 
diff --git a/dist/challenge-templates/xss-bot/healthcheck/Dockerfile b/dist/challenge-templates/xss-bot/healthcheck/Dockerfile
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM gcr.io/kctf-docker/healthcheck@sha256:6709709a8cfd6e2d743c86d58398c00ca4eb26befd3b1a0a629ab35f91e98ef0
+FROM gcr.io/kctf-docker/healthcheck@sha256:35a21466f658914ad33b700c2b1c938ed6ec739ecf73c8766ab565509d203660
 
 COPY healthcheck_loop.sh healthcheck.py healthz_webserver.py /home/user/
 
diff --git a/dist/resources/operator.yaml b/dist/resources/operator.yaml
@@ -4544,7 +4544,7 @@ spec:
           value: 0.0.0.0/0
         - name: SECURITY_POLICY
           value: DISABLED
-        image: gcr.io/kctf-docker/kctf-operator@sha256:ad8cf85ab93a9cfbd8fa1ccc221851933a3e6ef554f18041c581b0f72b33cae2
+        image: gcr.io/kctf-docker/kctf-operator@sha256:211e729ab063f1b14509b834be540036f39017afbd2a50d55149942f03d26203
         livenessProbe:
           httpGet:
             path: /healthz
diff --git a/kctf-operator/resources/constants.go b/kctf-operator/resources/constants.go
@@ -5,8 +5,8 @@ package resources
 // == || These are set by automation || ==
 // .. vv ........................... vv ..
 
-const DOCKER_CERTBOT_IMAGE = "gcr.io/kctf-docker/certbot@sha256:5cdc993bade510f0ffbad7d1e13d9d586ae5703aaf9b4111d0299a9e5e4bdcac"
-const DOCKER_GCSFUSE_IMAGE = "gcr.io/kctf-docker/gcsfuse@sha256:90d42ec41823b40bde0d04820ae757a67eb9fe1c100f44487d867c4042b82655"
+const DOCKER_CERTBOT_IMAGE = "gcr.io/kctf-docker/certbot@sha256:edb269ebc89d38e0f6e037087e707db68e13ebeda6a00e65126b098e49badf48"
+const DOCKER_GCSFUSE_IMAGE = "gcr.io/kctf-docker/gcsfuse@sha256:39078b111e0e8494599685b33c5a133cf5544958a19017a1811ac86f436dead7"
 
 // .. ^^ ........................... ^^ ..
 // == || These are set by automation || ==
