internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 05:42:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

split PS wrapper and payload (CVE-2018-16859) (#49142)

Browse Source 
* prevent scriptblock logging from logging payload contents
* added tests to verify no payload contents in PS Operational event log
* fix script action to send split-aware wrapper
* fix CLIXML error parser (return to -EncodedCommand exposed problems with it)
This commit is contained in:
Matt Davis
2018-11-26 15:28:21 -08:00
committed by GitHub
parent e7104a445b
commit 8c1f701e6e
12 changed files with 91 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/ansible/executor/powershell/bootstrap_wrapper.ps1 Normal file
View File

@@ -0,0 +1,7 @@
&chcp.com 65001 > $null
$exec_wrapper_str = $input | Out-String
$split_parts = $exec_wrapper_str.Split(@("`0`0`0`0"), 2, [StringSplitOptions]::RemoveEmptyEntries)
If (-not $split_parts.Length -eq 2) { throw "invalid payload" }
Set-Variable -Name json_raw -Value $split_parts[1]
$exec_wrapper = [ScriptBlock]::Create($split_parts[0])
&$exec_wrapper