Permalink
Browse files

The parser cache is now always handled in a per-user fashion.

This avoids issues with people providing malciious caches in a multi-user
system.

Originally reported as: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735263

A CVE number has been requested
  • Loading branch information...
alex committed Jan 17, 2014
1 parent 0a51c25 commit fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c
Showing with 11 additions and 4 deletions.
  1. +11 −4 rply/parsergenerator.py
View
@@ -2,6 +2,7 @@
import hashlib
import json
import random
import stat
import string
import sys
import tempfile
@@ -124,17 +125,23 @@ def build(self):
cache_file = os.path.join(
tempfile.gettempdir(),
"rply-%s-%s-%s.json" % (self.VERSION, self.cache_id, self.compute_grammar_hash(g))
"rply-%s-%s-%s-%s.json" % (self.VERSION, os.getuid(), self.cache_id, self.compute_grammar_hash(g))
)
table = None
if os.path.exists(cache_file):
with open(cache_file) as f:
data = json.load(f)
if self.data_is_valid(g, data):
table = LRTable.from_cache(g, data)
stat_result = os.fstat(f.fileno())
if (
stat_result.st_uid == os.getuid() and
stat.S_IMODE(stat_result.st_mode) == 0o0600
):
if self.data_is_valid(g, data):
table = LRTable.from_cache(g, data)
if table is None:
table = LRTable.from_grammar(g)
with open(cache_file, "w") as f:
fd = os.open(cache_file, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o0600)
with os.fdopen(fd, "w") as f:
json.dump(self.serialize_table(table), f)
if table.sr_conflicts:
warnings.warn(

0 comments on commit fc9bbcd

Please sign in to comment.