Validate to/from parameters when remounting a backend#9890
Merged
vishalnayak merged 3 commits intoOct 29, 2020
Conversation
Vault uses http.ServeMux which issues an HTTP 301 redirect if the request path contains a double slash (`//`). Additionally, vault handles all paths to ensure that the path only contains printable characters. Therefore use the same validation on the to/from parameters for remounting. Not doing this can result in a Vault mount that was originally mounted at `pki/foo` to being remounted at `pki/foo//bar` resulting in mounts that cannot be accessed.
mdgreenfield
commented
Sep 4, 2020
Comment on lines
+1048
to
+1050
| if err = validateMountPath(toPath); err != nil { | ||
| return handleError(fmt.Errorf("'to' %v", err)) | ||
| } |
Contributor
Author
There was a problem hiding this comment.
Note that I did not validate the fromPath because if we validate it then any Vault users would not be able to move their mounts back to the original name. Also, because the fromPath is the path that was already cleaned by http.ServeMux and the non-printable characters handler, fromPath should only ever be a valid path when a mount is created.
vishalnayak
approved these changes
Oct 29, 2020
Contributor
vishalnayak
left a comment
vishalnayak
left a comment
There was a problem hiding this comment.
Thanks for submitting the PR!
vishalnayak
reviewed
Oct 29, 2020
Merged
pull Bot
pushed a commit
to NOUIY/vault
that referenced
this pull request
Oct 10, 2025
…hicorp#10049) * move request to parent * add changelog * add test * use refresh instead() Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
tsaarni
pushed a commit
to Nordix/vault
that referenced
this pull request
Oct 23, 2025
…hicorp#10050) (hashicorp#10071) * move request to parent * add changelog * add test * use refresh instead() Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Vault uses http.ServeMux which issues an HTTP 301 redirect if the
request path contains a double slash (
//). Additionally, vaulthandles all paths to ensure that the path only contains printable
characters. Therefore use the same validation on the to/from parameters
for remounting.
Not doing this can result in a Vault mount that was originally mounted
at
pki/footo being remounted atpki/foo//barresulting in mountsthat cannot be accessed.
fixes #9889
/cc @byxorna @ianferguson