PR - Issue 50634 - Clean up CLI errors output #3713
Comments
Comment from mreynolds (@mreynolds389) at 2019-10-17 14:05:08 LGTM |
Comment from mhonek (@kenoh) at 2019-10-17 14:11:56 Couldn't we abstract that sequence of several lines that are literally the same into a procedure? |
Comment from spichugi (@droideck) at 2019-10-17 14:44:56 1 new commit added |
Comment from spichugi (@droideck) at 2019-10-17 14:45:12 Good catch, thanks! |
Comment from mhonek (@kenoh) at 2019-10-17 15:15:41 Looks good, thanks! |
Comment from spichugi (@droideck) at 2019-10-18 07:59:15 rebased onto b74ddc0d1656ca2d487141c14d7c3a967a47f8ae |
Comment from spichugi (@droideck) at 2019-10-18 08:00:41 rebased onto a2e3c02 |
Comment from spichugi (@droideck) at 2019-10-18 08:07:26 Pull-Request has been merged by droideck |
Comment from firstyear (@Firstyear) at 2019-10-21 02:12:06 This is a security risk, because if an attacker can control any input that becomes put into an error message, it will be run here. This is not safe. |
Comment from spichugi (@droideck) at 2019-10-21 11:31:15
Could you please provide some examples of a possible attack?.. |
Comment from firstyear (@Firstyear) at 2019-10-22 00:31:33 My apologies - eval normally leads to horrible things, but indeed you chose the safe one! Okay, could you comment (with the oneline rule maybe?) about this discussion above the use of literal_eval in case this discussion point comes up in a security review? |
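The distinction discussed in the thread above, as an added example that is not the project's own code or part of any comment: `ast.literal_eval` parses only Python literals, so dict-shaped error text is transformed while anything containing a call or a name is rejected and printed unchanged. The function name `format_cli_error`, the `desc`/`info` keys and the sample strings are assumptions constructed for illustration.

```python
import ast


def format_cli_error(message):
    """Turn an exception message into one readable line (hypothetical helper).

    Dict-shaped text is parsed with ast.literal_eval, which accepts only
    literals (strings, numbers, tuples, lists, dicts, sets, booleans, None)
    and never calls functions or resolves names, unlike eval().
    """
    text = str(message)
    try:
        parsed = ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError):
        # Not a plain literal (free text, a call, a name, ...): print as-is.
        return text
    if not isinstance(parsed, dict):
        return text
    # Assumed keys; the page does not say which keys the error dict carries.
    parts = [str(parsed[key]) for key in ("desc", "info") if key in parsed]
    return " - ".join(parts) if parts else text


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the project.
    samples = [
        Exception({"desc": "No such object", "info": "entry not found"}),
        "Connection refused",
        "print('side effect')",      # a call: rejected, never executed
        "{'desc': print('x')}",      # a call nested in a dict: rejected
    ]
    for sample in samples:
        print(format_cli_error(sample))
```
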
Patch |
Cloned from Pagure Pull-Request: https://pagure.io/389-ds-base/pull-request/50658
Description: CLI tools should print easily human-readable messages
if something went wrong.
As discussed here: https://pagure.io/389-ds-base/pull-request/50624
Change the CLI error processing so the dict type is always transformed.
Resolves: #3689
Reviewed by: ?