`${u*}` in cookie causes all commands to enter an infinite loop

[jesseshieh]

Steps to reproduce

Modify the cookie in rel/config.exs to contain ${u*} somewhere. For example, in my case, the auto-generated cookie looked like this

set cookie: :"n/vHdl01.<)Sd23@0SV~=snk${RXu*W83z}Rqd;OWL]C3h6EhZuJ!^:4Cf$@Ke?g"

Then run the following commands

rm -rf _build/
MIX_ENV=prod mix distillery.release --env=prod
_build/prod/rel/$APP_NAME/bin/$APP_NAME help

Notice how the command hangs forever with no output.

Verbose Logs

Adding --verbose also just hung with no output.

Description of issue

It seems that this special combination of characters is a valid generated cookie according to this function.

Later, when we try to fetch the node name, it runs this awk command which never ends.

I haven't dug into whether the awk command can be tweaked to prevent this, but that's also a possibility. I think the easiest fix is to make this special combination of characters an invalid cookie. Perhaps, the easiest way is to add $, {, or } to the rejected character list.

• What are the expected results? To either not hang, or never generate a cookie that causes a hang.
• What version of Distillery? 2.1.1
• What OS, Erlang/Elixir versions are you seeing this issue on? 1.8.1/20.1

[jesseshieh]

I spent some time playing around with awk to try and pinpoint the specific problem in the awk script and found this in case it's helpful.

echo '${u*}' | awk '{gsub("[$]{u*}", "foo")}1'
${u*}
echo '${u*}' | awk '{gsub("[$]{u[*]}", "foo")}1'
foo

Basically, the first command does not actually gsub anything which causes the while loop in the awk command to continue forever. I believe this is because interprets the * as a special regex character. Escaping the special character in brackets seems to fix it and then you can see the substitution happens correctly.

[jesseshieh]

Perhaps the regex isn't really even needed so we can replace gsub with something like this.