Tightens DMI output parser

Fixes an off-by-one error in the `tsh dmi-read` output parser and adds tests for same.

Author: tcsc

lib/devicetrust/native/device_linux.go

@@ -30,7 +30,7 @@ import (
 	"os"
 	"os/exec"
 	"os/user"
-	"strings"
+	"slices"
 	"time"
 
 	"github.com/google/go-attestation/attest"
@@ -303,17 +303,23 @@ func readDMIInfoEscalated() (*linux.DMIInfo, error) {
 		return nil, trace.Wrap(err, "running `sudo tsh device dmi-read`")
 	}
 
-	// Strip any leading output before the first `{`, just in case.
-	val := dmiOut.String()
-	if n := strings.Index(val, "{"); n > 0 {
-		val = val[n-1:]
+	dmiInfo, err := parseDMIReadOutput(dmiOut.Bytes())
+	if err != nil {
+		return nil, trace.Wrap(err, "parsing dmi-read output")
 	}
 
-	var dmiInfo linux.DMIInfo
-	if err := json.Unmarshal([]byte(val), &dmiInfo); err != nil {
-		return nil, trace.Wrap(err, "parsing dmi-read output")
+	return dmiInfo, nil
+}
+
+func parseDMIReadOutput(text []byte) (*linux.DMIInfo, error) {
+	if n := slices.Index(text, '{'); n > 0 {
+		text = text[n:]
 	}
 
+	var dmiInfo linux.DMIInfo
+	if err := json.Unmarshal(text, &dmiInfo); err != nil {
+		return nil, trace.Wrap(err)
+	}
 	return &dmiInfo, nil
 }
 

lib/devicetrust/native/device_linux_test.go

@@ -204,3 +204,64 @@ func TestCollectDeviceData_linux(t *testing.T) {
 		})
 	}
 }
+
+func TestParseDMIReadOutput(t *testing.T) {
+	const validDMIJson = `{"ProductName":"21J50013US","ProductSerial":"PF0A0AAA","BoardSerial":"L1AA00A00A0","ChassisAssetTag":"SomeAssetTag"}`
+	testCases := []struct {
+		name       string
+		input      []byte
+		checkError require.ErrorAssertionFunc
+		expected   *linux.DMIInfo
+	}{
+		{
+			name:       "clean",
+			input:      []byte(validDMIJson),
+			checkError: require.NoError,
+			expected: &linux.DMIInfo{
+				ProductName:     "21J50013US",
+				ProductSerial:   "PF0A0AAA",
+				BoardSerial:     "L1AA00A00A0",
+				ChassisAssetTag: "SomeAssetTag",
+			},
+		}, {
+			name:       "prefixed",
+			input:      []byte("somerandomgibberish" + validDMIJson),
+			checkError: require.NoError,
+			expected: &linux.DMIInfo{
+				ProductName:     "21J50013US",
+				ProductSerial:   "PF0A0AAA",
+				BoardSerial:     "L1AA00A00A0",
+				ChassisAssetTag: "SomeAssetTag",
+			},
+		}, {
+			name:       "invalid utf8 prefix",
+			input:      []byte("\xe2\x80\x83" + validDMIJson),
+			checkError: require.NoError,
+			expected: &linux.DMIInfo{
+				ProductName:     "21J50013US",
+				ProductSerial:   "PF0A0AAA",
+				BoardSerial:     "L1AA00A00A0",
+				ChassisAssetTag: "SomeAssetTag",
+			},
+		}, {
+			name:       "invalid json",
+			input:      []byte("{" + validDMIJson),
+			checkError: require.Error,
+		}, {
+			name:       "empty input",
+			input:      []byte{},
+			checkError: require.Error,
+		}, {
+			name:       "nil input",
+			input:      nil,
+			checkError: require.Error,
+		},
+	}
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			out, err := parseDMIReadOutput(testCase.input)
+			testCase.checkError(t, err)
+			require.Equal(t, testCase.expected, out)
+		})
+	}
+}