Skip to content
Permalink
Browse files Browse the repository at this point in the history
fixed security bugs with unescaped input to the shell
  • Loading branch information
stpierre committed Aug 5, 2011
1 parent ed85e40 commit f4a35ef
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 28 deletions.
7 changes: 3 additions & 4 deletions src/lib/Server/Admin/Viz.py
Expand Up @@ -86,11 +86,10 @@ def Visualize(self, repopath, hosts=False,
else:
format = 'png'

cmd = "dot -T%s" % (format)
cmd = ["dot", "-T", format]
if output:
cmd += " -o %s" % output
dotpipe = Popen(cmd, shell=True, stdin=PIPE,
stdout=PIPE, close_fds=True)
cmd.extend(["-o", output])
dotpipe = Popen(cmd, stdin=PIPE, stdout=PIPE, close_fds=True)
try:
dotpipe.stdin.write("digraph groups {\n")
except:
Expand Down
1 change: 0 additions & 1 deletion src/lib/Server/Plugins/Hg.py
@@ -1,6 +1,5 @@
import os
from mercurial import ui, hg
from subprocess import Popen, PIPE
import Bcfg2.Server.Plugin

# for debugging output only
Expand Down
3 changes: 1 addition & 2 deletions src/lib/Server/Plugins/SSHbase.py
Expand Up @@ -169,8 +169,7 @@ def get_ipcache_entry(self, client):
self.ipcache[client] = (ipaddr, client)
return (ipaddr, client)
except socket.gaierror:
cmd = "getent hosts %s" % client
ipaddr = Popen(cmd, shell=True, \
ipaddr = Popen(["getent", "hosts", client],
stdout=PIPE).stdout.read().strip().split()
if ipaddr:
self.ipcache[client] = (ipaddr, client)
Expand Down
36 changes: 16 additions & 20 deletions src/lib/Server/Plugins/SSLCA.py
Expand Up @@ -3,6 +3,7 @@
import lxml.etree
import posixpath
import tempfile
import pipes
import os
from subprocess import Popen, PIPE, STDOUT
# Compatibility import
Expand Down Expand Up @@ -119,10 +120,10 @@ def build_key(self, filename, entry, metadata):
type = self.key_specs[entry.get('name')]['type']
bits = self.key_specs[entry.get('name')]['bits']
if type == 'rsa':
cmd = "openssl genrsa %s " % bits
cmd = ["openssl", "genrsa", bits]
elif type == 'dsa':
cmd = "openssl dsaparam -noout -genkey %s" % bits
key = Popen(cmd, shell=True, stdout=PIPE).stdout.read()
cmd = ["openssl", "dsaparam", "-noout", "-genkey", bits]
key = Popen(cmd, stdout=PIPE).stdout.read()
return key

def get_cert(self, entry, metadata):
Expand Down Expand Up @@ -176,8 +177,8 @@ def verify_cert_against_ca(self, filename, entry):
"""
chaincert = self.CAs[self.cert_specs[entry.get('name')]['ca']].get('chaincert')
cert = self.data + filename
cmd = "openssl verify -CAfile %s %s" % (chaincert, cert)
res = Popen(cmd, shell=True, stdout=PIPE, stderr=STDOUT).stdout.read()
res = Popen(["openssl", "verify", "-CAfile", chaincert, cert],
stdout=PIPE, stderr=STDOUT).stdout.read()
if res == cert + ": OK\n":
return True
return False
Expand All @@ -188,9 +189,11 @@ def verify_cert_against_key(self, filename, key_filename):
"""
cert = self.data + filename
key = self.data + key_filename
cmd = "openssl x509 -noout -modulus -in %s | openssl md5" % cert
cmd = ("openssl x509 -noout -modulus -in %s | openssl md5" %
pipes.quote(cert))
cert_md5 = Popen(cmd, shell=True, stdout=PIPE, stderr=STDOUT).stdout.read()
cmd = "openssl rsa -noout -modulus -in %s | openssl md5" % key
cmd = ("openssl rsa -noout -modulus -in %s | openssl md5" %
pipes.quote(key))
key_md5 = Popen(cmd, shell=True, stdout=PIPE, stderr=STDOUT).stdout.read()
if cert_md5 == key_md5:
return True
Expand All @@ -206,16 +209,11 @@ def build_cert(self, key_filename, entry, metadata):
ca_config = self.CAs[ca]['config']
days = self.cert_specs[entry.get('name')]['days']
passphrase = self.CAs[ca].get('passphrase')
cmd = ["openssl", "ca", "-config", ca_config, "-in", req,
"-days", days, "-batch"]
if passphrase:
cmd = "openssl ca -config %s -in %s -days %s -batch -passin pass:%s" % (ca_config,
req,
days,
passphrase)
else:
cmd = "openssl ca -config %s -in %s -days %s -batch" % (ca_config,
req,
days)
cert = Popen(cmd, shell=True, stdout=PIPE).stdout.read()
cmd.extend(["-passin", "pass:%s" % passphrase])
cert = Popen(cmd, stdout=PIPE).stdout.read()
try:
os.unlink(req_config)
os.unlink(req)
Expand Down Expand Up @@ -271,9 +269,7 @@ def build_request(self, key_filename, req_config, entry):
req = tempfile.mkstemp()[1]
days = self.cert_specs[entry.get('name')]['days']
key = self.data + key_filename
cmd = "openssl req -new -config %s -days %s -key %s -text -out %s" % (req_config,
days,
key,
req)
cmd = ["openssl", "req", "-new", "-config", req_config,
"-days", days, "-key", key, "-text", "-out", req]
res = Popen(cmd, shell=True, stdout=PIPE).stdout.read()
return req
2 changes: 1 addition & 1 deletion src/lib/Server/Plugins/Svn.py
Expand Up @@ -35,7 +35,7 @@ def get_revision(self):
"""Read svn revision information for the Bcfg2 repository."""
try:
data = Popen(("env LC_ALL=C svn info %s" %
(self.datastore)), shell=True,
pipes.quote(self.datastore)), shell=True,
stdout=PIPE).communicate()[0].split('\n')
return [line.split(': ')[1] for line in data \
if line[:9] == 'Revision:'][-1]
Expand Down

0 comments on commit f4a35ef

Please sign in to comment.