Skip to content

fix(build_config): validate envs[*].name against POSIX env-var regex#5614

Open
ibondarenko1 wants to merge 1 commit into
bentoml:mainfrom
ibondarenko1:fix/envs-name-posix-validator
Open

fix(build_config): validate envs[*].name against POSIX env-var regex#5614
ibondarenko1 wants to merge 1 commit into
bentoml:mainfrom
ibondarenko1:fix/envs-name-posix-validator

Conversation

@ibondarenko1
Copy link
Copy Markdown

@ibondarenko1 ibondarenko1 commented May 16, 2026

Why

CVE-2026-44346 (GHSA-w2pm-x38x-jp44) fixed Dockerfile command injection via envs[*].name by shell-quoting at template render time. The field is still accepted as an arbitrary string at parse time; the protection relies entirely on downstream Dockerfile escape.

POSIX env-var names match ^[A-Za-z_][A-Za-z0-9_]*$ (IEEE Std 1003.1, section 3.231). Catching malformed names at parse time produces a clear bentofile error and is a layered defense if any future template path accidentally bypasses escape.

What

Add an attr.field validator on BentoEnvSchema.name that requires the POSIX regex. Reject malformed names with a clear ValueError at parse.

Impact

  • Defense-in-depth on CVE-2026-44346.
  • Bentos with non-POSIX env-var names (e.g. hyphens) fail at parse with a clear message. Docker/Kubernetes/POSIX shells already reject such names downstream; affected configs are broken upstream too.

Testing

pytest tests/unit/_internal/bento/test_build_config.py (existing test suite).
Add a regression test asserting BentoEnvSchema(name="FOO-BAR") raises if maintainer requests.

@ibondarenko1
fix(build_config): validate envs[*].name against POSIX env-var regex
3ec049f 
CVE-2026-44346 (GHSA-w2pm-x38x-jp44) fixed Dockerfile command
injection via envs[*].name by shell-quoting at template render time.
The field is still accepted as an arbitrary string at parse time; the
protection relies entirely on downstream Dockerfile escape.

POSIX env-var names match ^[A-Za-z_][A-Za-z0-9_]*$ (IEEE Std 1003.1
section 3.231). Catching malformed names at parse time produces a
clear bentofile error and is a layered defense.

Add an attr validator on BentoEnvSchema.name that requires the POSIX
regex. Reject malformed names with a clear ValueError at parse.
@ibondarenko1 ibondarenko1 requested a review from a team as a code owner May 16, 2026 00:59
@ibondarenko1 ibondarenko1 requested review from jianshen92 and removed request for a team May 16, 2026 00:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jianshen92 jianshen92 Awaiting requested review from jianshen92 jianshen92 is a code owner automatically assigned from bentoml/bentoml-reviewers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ibondarenko1