Giters

alcideio / rbac-tool

Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

rbac-tool vis , with empty rulesText causes nil pointer dereference / crash. rbac-tool/pkg/visualize/rbacviz.go:302 +

ca8IiN4oow opened this issue · comments

commented

What happened:

I installed
[trutledge@localhost viscrash]$ rbac-tool version
Version: 0.10.0
Commit: 35e5db8
[trutledge@localhost viscrash]$

and ran

rbac-tool vis --cluster-context MYCLUSTER

And got

`[trutledge@localhost viscrash]$ rbac-tool vis --cluster-context --redact--
[alcide-rbactool] Namespaces included '*'
[alcide-rbactool] Namespaces excluded 'kube-system'
[alcide-rbactool] Connecting to cluster '--redact--'
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1261885]

goroutine 1 [running]:
github.com/alcideio/rbac-tool/pkg/visualize.(*RbacViz).newRoleAndRulesNodePair(0xc000139c80, 0xc0003c24e0, 0xc00046c510, 0x9, 0xc00051eae0, 0x19, 0xc00046c5b0, 0x4, 0xc00051eb00, 0x13, ...)
/home/runner/work/rbac-tool/rbac-tool/pkg/visualize/rbacviz.go:302 +0x1f5
github.com/alcideio/rbac-tool/pkg/visualize.(*RbacViz).renderGraph(0xc000139c80, 0xc0002ca600)
/home/runner/work/rbac-tool/rbac-tool/pkg/visualize/rbacviz.go:204 +0x425
github.com/alcideio/rbac-tool/pkg/visualize.CreateRBACGraph(0xc0002ca600, 0x2a, 0xc00013dd30)
/home/runner/work/rbac-tool/rbac-tool/pkg/visualize/rbacviz.go:38 +0xef
github.com/alcideio/rbac-tool/cmd.NewCommandVisualize.func1(0xc000318b00, 0xc0001ef540, 0x0, 0x2, 0x0, 0x0)
/home/runner/work/rbac-tool/rbac-tool/cmd/visualize_cmd.go:66 +0x1da
github.com/spf13/cobra.(*Command).execute(0xc000318b00, 0xc0001ef500, 0x2, 0x2, 0xc000318b00, 0xc0001ef500)
/home/runner/pkg/mod/github.com/spf13/cobra@v0.0.6/command.go:840 +0x460
github.com/spf13/cobra.(*Command).ExecuteC(0xc000318000, 0xc000072750, 0xc00013df50, 0x40576f)
/home/runner/pkg/mod/github.com/spf13/cobra@v0.0.6/command.go:945 +0x317
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/pkg/mod/github.com/spf13/cobra@v0.0.6/command.go:885
main.main()
/home/runner/work/rbac-tool/rbac-tool/main.go:61 +0x2b
[trutledge@localhost viscrash]$
[trutledge@localhost viscrash]$
`

What you expected to happen:

not crashing

How to reproduce it (as minimally and precisely as possible):

Unsure.

Anything else we need to know?:

The nil comes from : rbac-tool/src/rbac-tool/pkg/visualize/rbacviz.go:

360         if rulesText == "" {
361                 return nil
362         }

I don't have enough context to share beyond that.

Environment:

  • Kubernetes version (use kubectl version):

Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:47:41Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.6", GitCommit:"7015f71e75f670eb9e7ebd4b5749639d42e20079", GitTreeState:"clean", BuildDate:"2019-11-13T11:11:50Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}

  • Cloud provider or configuration:

On premises install.

  • Install tools:
  • Others: