SnakeYaml SafeConstructor restricting deserialization (#6319)

ParsedDockerComposeFile is vulnerable to deserialization gadget chain attacks
that can lead to remote code execution when the file has untrusted content:
https://nvd.nist.gov/vuln/detail/CVE-2022-1471

This should be fixed by using SafeConstructor as suggested by the SnakeYaml
developers.

Deserialization of arbitrary Java types is not used by the Compose file spec
and therefore can be disabled without any loss of functionality:
https://docs.docker.com/compose/compose-file/

---------

Co-authored-by: Eddú Meléndez Gonzales <[email protected]>

Author: julianladisch

core/src/main/java/org/testcontainers/containers/ParsedDockerComposeFile.java

@@ -7,7 +7,9 @@
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FileUtils;
 import org.testcontainers.images.ParsedDockerfile;
+import org.yaml.snakeyaml.LoaderOptions;
 import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
 
 import java.io.File;
 import java.io.FileInputStream;
@@ -35,7 +37,7 @@ class ParsedDockerComposeFile {
     private Map<String, Set<String>> serviceNameToImageNames = new HashMap<>();
 
     ParsedDockerComposeFile(File composeFile) {
-        Yaml yaml = new Yaml();
+        Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()));
         try (FileInputStream fileInputStream = FileUtils.openInputStream(composeFile)) {
             composeFileContent = yaml.load(fileInputStream);
         } catch (Exception e) {

core/src/test/java/org/testcontainers/containers/ParsedDockerComposeFileBean.java

@@ -0,0 +1,10 @@
+package org.testcontainers.containers;
+
+public class ParsedDockerComposeFileBean {
+
+    public String foo;
+
+    public ParsedDockerComposeFileBean(String foo) {
+        this.foo = foo;
+    }
+}

core/src/test/java/org/testcontainers/containers/ParsedDockerComposeFileValidationTest.java

@@ -2,6 +2,7 @@
 
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.Sets;
+import lombok.SneakyThrows;
 import org.junit.Test;
 
 import java.io.File;
@@ -61,6 +62,22 @@ public void shouldIgnoreUnknownStructure() {
         new ParsedDockerComposeFile(ImmutableMap.of("version", "9000"));
     }
 
+    @Test
+    @SneakyThrows
+    public void shouldRejectDeserializationOfArbitraryClasses() {
+        // Reject deserialization gadget chain attacks: https://nvd.nist.gov/vuln/detail/CVE-2022-1471
+        // https://raw.githubusercontent.com/mbechler/marshalsec/master/marshalsec.pdf
+
+        File file = new File("src/test/resources/docker-compose-deserialization.yml");
+
+        // ParsedDockerComposeFile should reject deserialization of ParsedDockerComposeFileBean
+        assertThatThrownBy(() -> {
+                new ParsedDockerComposeFile(file);
+            })
+            .hasMessageContaining(file.getAbsolutePath())
+            .hasMessageContaining("Unable to parse YAML file");
+    }
+
     @Test
     public void shouldObtainImageNamesV1() {
         File file = new File("src/test/resources/docker-compose-imagename-parsing-v1.yml");

core/src/test/resources/docker-compose-deserialization.yml

@@ -0,0 +1,3 @@
+redis:
+    image: redis
+    key: !!org.testcontainers.containers.ParsedDockerComposeFileBean '{foo: bar}'