PR - Issue 50634 - Clean up CLI errors output #3713
Comments
|
Comment from mreynolds (@mreynolds389) at 2019-10-17 14:05:08 LGTM |
|
Comment from mhonek (@kenoh) at 2019-10-17 14:11:56 Couldn't we abstract that sequence of several lines that are literally the same into a procedure? |
|
Comment from spichugi (@droideck) at 2019-10-17 14:44:56 1 new commit added
|
|
Comment from spichugi (@droideck) at 2019-10-17 14:45:12 Good catch, thanks! |
|
Comment from mhonek (@kenoh) at 2019-10-17 15:15:41 Looks good, thanks! |
|
Comment from spichugi (@droideck) at 2019-10-18 07:59:15 rebased onto b74ddc0d1656ca2d487141c14d7c3a967a47f8ae |
|
Comment from spichugi (@droideck) at 2019-10-18 08:00:41 rebased onto a2e3c02 |
|
Comment from spichugi (@droideck) at 2019-10-18 08:07:26 Pull-Request has been merged by droideck |
|
Comment from firstyear (@Firstyear) at 2019-10-21 02:12:06 This is a security risk, because if an attacker can control any input that becomes put into an error message, it will be run here. This is not safe. |
|
Comment from spichugi (@droideck) at 2019-10-21 11:31:15
Could you please provide some examples of a possible attack?.. |
|
Comment from firstyear (@Firstyear) at 2019-10-22 00:31:33 My apologies - eval normal leads to horrible things, but indeed you chose the safe one! Okay, could you comment (with the oneline rule maybe?) about this discussion above the use of literal_eval incase this discussion point comes up in a security review? |
|
Patch |
Cloned from Pagure Pull-Request: https://pagure.io/389-ds-base/pull-request/50658
Description: CLI tools should print human easy readable messages
if something went wrong.
As discussed here: https://pagure.io/389-ds-base/pull-request/50624
Change the CLI error processing so the dict type is always transformed.
Resolves: #3689
Reviewed by: ?
The text was updated successfully, but these errors were encountered: