Skip to content

PSInvalidCastException should not display the value to be cast when target type is a secure string #19375

Closed
#19977
Closed
PSInvalidCastException should not display the value to be cast when target type is a secure string#19375
#19977
Labels
In-PRIndicates that a PR is out for the issueIssue-Enhancementthe issue is more of a feature request than a bugUp-for-GrabsUp-for-grabs issues are not high priorities, and may be opportunities for external contributorsWG-Engine-ParameterBinder
@isra-fel

Description

@isra-fel
isra-fel
opened on Mar 21, 2023

Prerequisites

Steps to reproduce

If you have a template parameter with a secure string type and you accidentally pass a plain string, on the command line, that string is prnted in the error text. Since you know it's a secure string, it shoud not be printed in the error

Example 1:

PS C:\> ConvertFrom-SecureString "p@assw0rd"
ConvertFrom-SecureString: Cannot bind parameter 'SecureString'. Cannot convert the "p@assw0rd" value of type "System.String" to type "System.Security.SecureString"

Example 2:

PS> New-AzResourceGroupDeployment -ResourceGroupName MyRG -Name MyDeployment -TemplateParameterFile .\mytemplate.parameters.json -TemplateFile .\mytemplate.json -domainPassword $PlainString -Whatif

# Template file contains parameter: 
#         "domainPassword": {
#            "type": "securestring"
#        }

New-AzResourceGroupDeployment: Cannot bind parameter 'domainPassword'. Cannot convert the "p@assw0rd" value of type "System.String" to type "System.Security.SecureString".

# the value of "p@ssw0rd" should not be revealed.

Originally reported by @dbaileyut in Azure/azure-powershell#21250

Expected behavior

the value of "p@ssw0rd" should not be revealed.

Actual behavior

the value of "p@ssw0rd" was leaked to console.

Error details

No response

Environment data

Name                           Value
----                           -----
PSVersion                      7.3.3
PSEdition                      Core
GitCommitId                    7.3.3
OS                             Microsoft Windows 10.0.19045
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Visuals

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    In-PRIndicates that a PR is out for the issueIssue-Enhancementthe issue is more of a feature request than a bugUp-for-GrabsUp-for-grabs issues are not high priorities, and may be opportunities for external contributorsWG-Engine-ParameterBinder

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions