From 497f567092a82a5d2199491aa084c22513d59e27 Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 18:53:50 +0000
Subject: [PATCH 1/7] .github/workflows: Remove tests

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 .github/workflows/tests.yml | 19 -------------------
 1 file changed, 19 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index c67e2fd7..4443f46f 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -76,25 +76,6 @@ jobs:
       - name: Unit tests
         run: make check-unit
 
-  system-tests:
-    env:
-      DEBUG: "1"
-      SKIP_VM_LAUNCH: "1"
-      SNAPSHOT_RESTORE: "1"
-    name: System
-    runs-on: GitHubMicrocloud
-    strategy:
-      fail-fast: false
-      matrix:
-        go: ["1.22.x"]
-        suite:
-          - "add"
-          - "instances"
-          - "basic"
-          - "recover"
-          - "interactive"
-          - "mismatch"
-          - "preseed"
 
     steps:
       - name: Performance tuning

From 6ce25b0e8da933e79af8fe695ba587839b897c68 Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 18:53:58 +0000
Subject: [PATCH 2/7] api: Test codeql

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index d6f67822..43023d4c 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"os"
 
 	"github.com/canonical/lxd/lxd/response"
 	"github.com/canonical/microcluster/rest"
@@ -43,6 +44,8 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.BadRequest(err)
 	}
 
+	_ = os.MkdirAll(req.JoinerName, 0700)
+
 	sh, err := service.NewHandler(s.Name(), req.ClusterAddress, s.OS.StateDir, false, false, types.ServiceType(serviceType))
 	if err != nil {
 		return response.SmartError(err)

From 3f6fed5df2e9ecaf32c134d7015de72dda2a4bc6 Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 18:58:43 +0000
Subject: [PATCH 3/7] api: Add validator

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index 43023d4c..0cbe619a 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -2,10 +2,13 @@ package api
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
 	"os"
+	"path/filepath"
+	"strings"
 
 	"github.com/canonical/lxd/lxd/response"
 	"github.com/canonical/microcluster/rest"
@@ -27,6 +30,24 @@ var ServiceTokensCmd = func(sh *service.Handler) rest.Endpoint {
 	}
 }
 
+func IsSafeVarPath(path string) error {
+	absPath, err := filepath.Abs(path)
+	if err != nil {
+		return err
+	}
+
+	varDir := os.Getenv("LXD_DIR")
+	if varDir == "" {
+		varDir = "/var/lib/lxd"
+	}
+
+	if !strings.HasPrefix(absPath, varDir) {
+		return errors.New("Absolute path is outside the default LXD path")
+	}
+
+	return nil
+}
+
 // serviceTokensPost issues a token for service using the MicroCloud proxy.
 // Normally a token request to a service would be restricted to trusted systems,
 // so this endpoint validates the mDNS auth token and then proxies the request to the local unix socket of the remote system.
@@ -44,6 +65,11 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.BadRequest(err)
 	}
 
+	err = IsSafeVarPath(req.JoinerName)
+	if err != nil {
+		return response.SmartError(err)
+	}
+
 	_ = os.MkdirAll(req.JoinerName, 0700)
 
 	sh, err := service.NewHandler(s.Name(), req.ClusterAddress, s.OS.StateDir, false, false, types.ServiceType(serviceType))

From af2bc7d8222ca0dde688a25dcfa429aae4ed29a2 Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 19:14:46 +0000
Subject: [PATCH 4/7] api: Explicit checks

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index 0cbe619a..32c8abd1 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -70,6 +70,15 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.SmartError(err)
 	}
 
+	if strings.Contains(req.JoinerName, "/") || strings.Contains(req.JoinerName, "\\") || strings.Contains(req.JoinerName, "..") {
+		return response.SmartError(err)
+	}
+
+	_, err = filepath.Abs(req.JoinerName)
+	if err != nil {
+		return response.SmartError(err)
+	}
+
 	_ = os.MkdirAll(req.JoinerName, 0700)
 
 	sh, err := service.NewHandler(s.Name(), req.ClusterAddress, s.OS.StateDir, false, false, types.ServiceType(serviceType))

From 403d0a5c5ab04f7929b8b037b9c1f192bdac341d Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 19:22:41 +0000
Subject: [PATCH 5/7] api: Semi explicit

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 25 +++++--------------------
 1 file changed, 5 insertions(+), 20 deletions(-)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index 32c8abd1..2337c39f 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -2,7 +2,6 @@ package api
 
 import (
 	"encoding/json"
-	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -31,18 +30,13 @@ var ServiceTokensCmd = func(sh *service.Handler) rest.Endpoint {
 }
 
 func IsSafeVarPath(path string) error {
-	absPath, err := filepath.Abs(path)
-	if err != nil {
-		return err
-	}
-
-	varDir := os.Getenv("LXD_DIR")
-	if varDir == "" {
-		varDir = "/var/lib/lxd"
+	if strings.Contains(path, "/") || strings.Contains(path, "\\") || strings.Contains(path, "..") {
+		return fmt.Errorf("test err")
 	}
 
-	if !strings.HasPrefix(absPath, varDir) {
-		return errors.New("Absolute path is outside the default LXD path")
+	_, err := filepath.Abs(path)
+	if err != nil {
+		return err
 	}
 
 	return nil
@@ -70,15 +64,6 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.SmartError(err)
 	}
 
-	if strings.Contains(req.JoinerName, "/") || strings.Contains(req.JoinerName, "\\") || strings.Contains(req.JoinerName, "..") {
-		return response.SmartError(err)
-	}
-
-	_, err = filepath.Abs(req.JoinerName)
-	if err != nil {
-		return response.SmartError(err)
-	}
-
 	_ = os.MkdirAll(req.JoinerName, 0700)
 
 	sh, err := service.NewHandler(s.Name(), req.ClusterAddress, s.OS.StateDir, false, false, types.ServiceType(serviceType))

From 106901614a5ae112903e8c41d6d292d551ed2061 Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 19:26:29 +0000
Subject: [PATCH 6/7] api: No function

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index 2337c39f..df5894d3 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -59,9 +59,13 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.BadRequest(err)
 	}
 
-	err = IsSafeVarPath(req.JoinerName)
+	if strings.Contains(req.JoinerName, "/") || strings.Contains(req.JoinerName, "\\") || strings.Contains(req.JoinerName, "..") {
+		return response.SmartError(fmt.Errorf("test"))
+	}
+
+	_, err = filepath.Abs(req.JoinerName)
 	if err != nil {
-		return response.SmartError(err)
+		return response.SmartError(fmt.Errorf("test: %w", err))
 	}
 
 	_ = os.MkdirAll(req.JoinerName, 0700)

From f931ee99feba938db4ce85c533658b463cf94ecd Mon Sep 17 00:00:00 2001
From: Max Asnaashari <max.asnaashari@canonical.com>
Date: Wed, 4 Sep 2024 19:29:11 +0000
Subject: [PATCH 7/7] api: No abs

Signed-off-by: Max Asnaashari <max.asnaashari@canonical.com>
---
 api/services_tokens.go | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/api/services_tokens.go b/api/services_tokens.go
index df5894d3..6dd590af 100644
--- a/api/services_tokens.go
+++ b/api/services_tokens.go
@@ -63,11 +63,6 @@ func serviceTokensPost(s *state.State, r *http.Request) response.Response {
 		return response.SmartError(fmt.Errorf("test"))
 	}
 
-	_, err = filepath.Abs(req.JoinerName)
-	if err != nil {
-		return response.SmartError(fmt.Errorf("test: %w", err))
-	}
-
 	_ = os.MkdirAll(req.JoinerName, 0700)
 
 	sh, err := service.NewHandler(s.Name(), req.ClusterAddress, s.OS.StateDir, false, false, types.ServiceType(serviceType))