[Python-checkins] cpython (2.7): Issue #22885: Fixed arbitrary code execution vulnerability in the dumbdbm

serhiy.storchaka python-checkins at python.org
Sun Feb 15 23:33:28 CET 2015


https://hg.python.org/cpython/rev/02865d22a98d
changeset:   94638:02865d22a98d
branch:      2.7
parent:      94626:7d2018774925
user:        Serhiy Storchaka <storchaka at gmail.com>
date:        Mon Feb 16 00:29:52 2015 +0200
summary:
  Issue #22885: Fixed arbitrary code execution vulnerability in the dumbdbm
module.  Original patch by Claudiu Popa.

files:
  Lib/dumbdbm.py           |  3 ++-
  Lib/test/test_dumbdbm.py |  8 ++++++++
  Misc/NEWS                |  3 +++
  3 files changed, 13 insertions(+), 1 deletions(-)


diff --git a/Lib/dumbdbm.py b/Lib/dumbdbm.py
--- a/Lib/dumbdbm.py
+++ b/Lib/dumbdbm.py
@@ -21,6 +21,7 @@
 
 """
 
+import ast as _ast
 import os as _os
 import __builtin__
 import UserDict
@@ -85,7 +86,7 @@
             with f:
                 for line in f:
                     line = line.rstrip()
-                    key, pos_and_siz_pair = eval(line)
+                    key, pos_and_siz_pair = _ast.literal_eval(line)
                     self._index[key] = pos_and_siz_pair
 
     # Write the index dict to the directory file.  The original directory
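Review bot: `_ast.literal_eval(line)` still trusts the shape of what it returns, and the failure modes are uncaught. A non-literal line now raises `ValueError`, a syntactically malformed or truncated line raises `SyntaxError`, and a literal that is not a 2-tuple (e.g. a bare int) fails at the unpacking with `TypeError`; all of these propagate out of `open()` without naming the directory file. Suggest wrapping the parse so a corrupt index produces one clear error that mentions the `.dir` file, and checking that `pos_and_siz_pair` is a pair of ints before storing it in `self._index[key]`.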
diff --git a/Lib/test/test_dumbdbm.py b/Lib/test/test_dumbdbm.py
--- a/Lib/test/test_dumbdbm.py
+++ b/Lib/test/test_dumbdbm.py
@@ -160,6 +160,14 @@
             self.assertEqual(expected, got)
             f.close()
 
+    def test_eval(self):
+        with open(_fname + '.dir', 'w') as stream:
+            stream.write("str(__import__('sys').stdout.write('Hacked!')), 0\n")
+        with test_support.captured_stdout() as stdout:
+            with self.assertRaises(ValueError):
+                dumbdbm.open(_fname).close()
+            self.assertEqual(stdout.getvalue(), '')
+
     def tearDown(self):
         _delete_files()
 
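Review bot: the test covers only the syntactically valid, non-literal case: `str(__import__('sys').stdout.write('Hacked!')), 0` parses as an expression, so `literal_eval` rejects it with `ValueError`, and the empty-stdout assertion would catch a regression back to `eval`. A malformed line (e.g. an unterminated string) would raise `SyntaxError` instead and is not exercised here; consider a second case so the behaviour on a corrupt `.dir` file is pinned down too.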
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -18,6 +18,9 @@
 Library
 -------
 
+- Issue #22885: Fixed arbitrary code execution vulnerability in the dumbdbm
+  module.  Original patch by Claudiu Popa.
+
 - Issue #21849: Fixed xmlrpclib serialization of non-ASCII unicode strings in
   the multiprocessing module.
 
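Review bot: the NEWS entry only repeats the commit summary; it would help users to state the visible behaviour change, namely that index lines in a `.dir` file that are not Python literals are now rejected with `ValueError` instead of being evaluated, so anyone with hand-edited or tool-generated directory files knows why an `open()` that used to succeed now fails.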

-- 
Repository URL: https://hg.python.org/cpython

