From a6e1fd28d28f2597437b66ea17033e137e27d1df Mon Sep 17 00:00:00 2001
From: Bryan Ayala <bryaayal@amazon.com>
Date: Thu, 21 Sep 2023 15:48:23 -0700
Subject: [PATCH] Validate typename prefix is valid when creating ListType
 request while resolving hook target names

---
 src/rpdk/core/type_name_resolver.py | 6 +++++-
 tests/test_type_name_resolver.py    | 7 +++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/rpdk/core/type_name_resolver.py b/src/rpdk/core/type_name_resolver.py
index 18371871..960c708b 100644
--- a/src/rpdk/core/type_name_resolver.py
+++ b/src/rpdk/core/type_name_resolver.py
@@ -1,6 +1,7 @@
 import fnmatch
 import logging
 import os
+import re
 
 from botocore.exceptions import ClientError
 
@@ -13,6 +14,9 @@
 REGISTRY_VISIBILITY_PRIVATE = "PRIVATE"
 REGISTRY_VISIBILITY_PUBLIC = "PUBLIC"
 REGISTRY_RESULTS_PAGE_SIZE = 100
+TYPE_NAME_PREFIX_REGEX = (
+    r"([A-Za-z0-9]{2,64}::){0,2}([A-Za-z0-9]{2,64}:?){0,1}(:[A-Za-z0-9:]{2,64}){0,1}"
+)
 
 
 def contains_wildcard(pattern):
@@ -132,7 +136,7 @@ def _create_list_types_request(type_names):
             prefix = prefix[:index]
 
         req = {}
-        if prefix:
+        if prefix and re.fullmatch(TYPE_NAME_PREFIX_REGEX, prefix):
             req["Filters"] = {"TypeNamePrefix": prefix}
 
         return req
diff --git a/tests/test_type_name_resolver.py b/tests/test_type_name_resolver.py
index e7112839..45d61133 100644
--- a/tests/test_type_name_resolver.py
+++ b/tests/test_type_name_resolver.py
@@ -237,15 +237,18 @@ def test_resolve_type_names_locally_no_local_info(resolver):
         (["AWS::S?::Bucket"], "AWS::S"),
         (["AWS::S?::*Bucket"], "AWS::S"),
         (["AWS::*::Log*"], "AWS::"),
-        (["A*::S?::Bucket*"], "A"),
+        (["A*::S?::Bucket*"], None),
         (["*::S?::Bucket*"], ""),
         (["AWS::S?::BucketPolicy", "AWS::S3::Bucket"], "AWS::S"),
         (["AWS::S*::Queue", "AWS::DynamoDB::*"], "AWS::"),
+        (["AwsCommunity::S3::BucketVersioningEnabled", "AWS::*"], None),
+        (["AWSSamples::*", f'AW{"S" * 64}*', "AWS::S3::Bucket"], "AWS"),
+        ([f'AW{"S" * 64}*'], None),
     ],
 )
 def test_create_list_types_request(type_names, expected):
     req = TypeNameResolver._create_list_types_request(type_names)
     if not expected:
-        assert not req
+        assert req == {}
     else:
         assert req == {"Filters": {"TypeNamePrefix": expected}}