ocibuild_validate (ocibuild v0.10.4)

View Source

Shared validation utilities for security checks.

This module provides reusable validation functions for checking user-provided inputs for common security issues like null bytes and path traversal attacks.

Summary

Functions

no_absolute/1

Check that a binary is not an absolute path (does not start with /).

no_null_bytes(Bin)

Check that a binary contains no null bytes.

no_traversal(Bin)

Check that a binary contains no path traversal sequences.

no_traversal(Bin, Separators)

Check that a binary contains no path traversal sequences using custom separators.

not_empty/1

Check that a binary is not empty.

validate_user_string(Bin)

Combined validation for user-provided strings.

Functions

no_absolute/1

-spec no_absolute(binary()) -> ok | {error, {absolute_path, binary()}}.

Check that a binary is not an absolute path (does not start with /).

Examples

ok = ocibuild_validate:no_absolute(~"relative/path").
{error, {absolute_path, _}} = ocibuild_validate:no_absolute(~"/absolute/path").

no_null_bytes(Bin)

-spec no_null_bytes(binary()) -> ok | {error, {null_byte, binary()}}.

Check that a binary contains no null bytes.

Null bytes can be used to truncate strings in C-based tools, potentially leading to security issues when paths are processed by external programs.

Examples

ok = ocibuild_validate:no_null_bytes(~"safe/path").
{error, {null_byte, _}} = ocibuild_validate:no_null_bytes(<<"has\0null">>).

no_traversal(Bin)

-spec no_traversal(binary()) -> ok | {error, {path_traversal, binary()}}.

Check that a binary contains no path traversal sequences.

Uses / as the default separator. For custom separators, use no_traversal/2.

Examples

ok = ocibuild_validate:no_traversal(~"safe/path/here").
{error, {path_traversal, _}} = ocibuild_validate:no_traversal(~"../etc/passwd").

no_traversal(Bin, Separators)

-spec no_traversal(binary(), [binary()]) -> ok | {error, {path_traversal, binary()}}.

Check that a binary contains no path traversal sequences using custom separators.

The binary is split by the provided separators, and each component is checked for .. (parent directory reference).

Examples

ok = ocibuild_validate:no_traversal(~"safe:path", [~":"]).
{error, {path_traversal, _}} = ocibuild_validate:no_traversal(~"safe:../bad", [~":"]).
%% Multiple separators
ok = ocibuild_validate:no_traversal(~"safe/path:here", [~"/", ~":"]).

not_empty/1

-spec not_empty(binary()) -> ok | {error, empty_value}.

Check that a binary is not empty.

Examples

ok = ocibuild_validate:not_empty(~"content").
{error, empty_value} = ocibuild_validate:not_empty(<<>>).

validate_user_string(Bin)

-spec validate_user_string(binary()) -> ok | {error, term()}.

Combined validation for user-provided strings.

Checks for both null bytes and path traversal attacks. Uses / and : as separators for path traversal detection, which covers both filesystem paths and OCI reference formats.

This is the recommended function for validating user inputs like:

  • Image tags
  • Annotation keys and values
  • Other user-provided metadata

Examples

ok = ocibuild_validate:validate_user_string(~"myapp:v1.0.0").
ok = ocibuild_validate:validate_user_string(~"org.opencontainers.image.vendor").
{error, {null_byte, _}} = ocibuild_validate:validate_user_string(<<"bad\0string">>).
{error, {path_traversal, _}} = ocibuild_validate:validate_user_string(~"../etc/passwd").