enpaul/vault2vault
1
0
Fork 0
mirror of https://github.com/enpaul/vault2vault.git synced 2024-11-23 18:46:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix replacement bug when the same vaulted block appears twice in a file

Browse Source
This commit is contained in:
Ethan Paul 2022-04-21 15:20:08 -04:00
parent 9943dd112c
commit 8e9df58f43
No known key found for this signature in database
GPG Key ID: D0E2CBF1245E92BF
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
vault2vault.py
View File

@ -10,8 +10,6 @@ from typing import Any
from typing import Iterable
from typing import List
from typing import Optional
from typing import Tuple
from typing import Union
import ruamel.yaml
@ -79,7 +77,9 @@ def _process_file( # pylint: disable=too-many-statements
logger.debug(f"Processing file {path}")
def _process_yaml_data(content: bytes, data: Any, ignore: bool, name: str = ""):
def _process_yaml_data( # pylint: disable=too-many-locals
content: bytes, data: Any, ignore: bool, name: str = ""
):
if isinstance(data, dict):
for key, value in data.items():
content = _process_yaml_data(
@ -182,9 +182,13 @@ def _process_file( # pylint: disable=too-many-statements
]
)
# 5. Finally, we actually replace the content. We also need to re-encode it back to bytes
# because all file operations with vault are done in bytes mode
content = content_decoded.replace(padded_old_data, padded_new_data).encode()
# 5. Finally, we actually replace the content. This needs to have a count=1 so that if the same
# encrypted block appears twice in the same file we only replace the first occurance of it,
# otherwise the later replacement attempts will fail. We also need to re-encode it back to
# bytes because all file operations with vault are done in bytes mode
content = content_decoded.replace(
padded_old_data, padded_new_data, 1
).encode()
return content
with path.open("rb") as infile: