Check error when typecasting GPO data
GabrielNagy committed Jul 28, 2023
1 parent 7eb2fdc commit 9b17e5e
Showing 2 changed files with 13 additions and 5 deletions.
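--- a/internal/policies/certificate/certificate.go
+++ b/internal/policies/certificate/certificate.go
@@ -194,7 +194,11 @@ func (m *Manager) ApplyPolicy(ctx context.Context, objectName string, isComputer
 keyparts := strings.Split(entry.Key, "/")
 keyname := strings.Join(keyparts[:len(keyparts)-1], `\`)
 valuename := keyparts[len(keyparts)-1]
-polSrvRegistryEntries = append(polSrvRegistryEntries, gpoEntry{keyname, valuename, gpoData(entry.Value, valuename), gpoType(valuename)})
+gpoData, err := gpoData(entry.Value, valuename)
+if err != nil {
+return fmt.Errorf(i18n.G("failed to parse policy entry value: %w"), err)
+}
+polSrvRegistryEntries = append(polSrvRegistryEntries, gpoEntry{keyname, valuename, gpoData, gpoType(valuename)})
 
 log.Debugf(ctx, "Certificate policy entry: %#v", entry)
 }
@@ -249,13 +253,12 @@ func (m *Manager) runScript(ctx context.Context, action, objectName string, extr
 }
 
 // gpoData returns the data for a GPO entry.
-func gpoData(data, value string) any {
+func gpoData(data, value string) (any, error) {
 if slices.Contains(integerGPOValues, value) {
-intData, _ := strconv.Atoi(data)
-return intData
+return strconv.Atoi(data)
 }
 
-return data
+return data, nil
 }
 
 // gpoType returns the type for a GPO entry.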
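Review bot: In the ApplyPolicy hunk the new local `gpoData` shadows the package-level function `gpoData` for the rest of the loop body, so a later call to the function in that scope would no longer compile; a distinct name avoids this, e.g. `data, err := gpoData(entry.Value, valuename)` with `gpoEntry{keyname, valuename, data, gpoType(valuename)}`. The wrapped error also does not say which policy value was rejected, so including `entry.Key` in the message would let an administrator locate the offending GPO setting. In `gpoData`, `strconv.Atoi` accepts negative and platform-sized integers; if these values are meant to be registry DWORDs, an explicit range check may be worth adding, which should be confirmed against how the enrollment script consumes them. ApplyPolicy's body starts and ends outside the hunk.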
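--- a/internal/policies/certificate/certificate_test.go
+++ b/internal/policies/certificate/certificate_test.go
@@ -65,6 +65,11 @@ func TestPolicyApply(t *testing.T) {
 // Error cases
 "Error on autoenroll script failure": {autoenrollScriptError: true, entries: []entry.Entry{enrollEntry}, wantErr: true},
 "Error on invalid autoenroll value": {entries: []entry.Entry{{Key: "autoenroll", Value: "notanumber"}}, wantErr: true},
+"Error on invalid advanced configuration value": {
+entries: []entry.Entry{
+enrollEntry,
+{Key: "Software/Policies/Microsoft/Cryptography/PolicyServers/37c9dc30f207f27f61a2f7c3aed598a6e2920b54/Flags", Value: "NotANumber"},
+}, wantErr: true},
 }
 
 for name, tc := range tests {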
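Review bot: The new table case asserts only `wantErr: true`, so it passes on any error from ApplyPolicy and not specifically on the rejected `Flags` value; because `enrollEntry` is part of the input, a failure in the script path would satisfy it too. If the test loop, which continues outside this hunk, can inspect the error, matching on the parse failure or asserting that the enrollment script was not invoked would pin the behaviour this commit adds. A sibling case with a valid numeric `Flags` value would also confirm the integer path still succeeds, unless the table already has one above the hunk.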
