cpython.git - https://github.com/python/cpython.git

diff options

author	Victor Stinner <vstinner@python.org>	2022-10-05 21:56:13 (GMT)
committer	GitHub <noreply@github.com>	2022-10-05 21:56:13 (GMT)
commit	c7ec7808191fc29f75d96496b682bd34be770a8f (patch)
tree	0620c3816b5db7bb01a82f8945d018b8d95a7782 /Python/pythonrun.c
parent	fd82f16c1e4d9a0661e9a2250004032797652e69 (diff)
download	cpython-c7ec7808191fc29f75d96496b682bd34be770a8f.zip cpython-c7ec7808191fc29f75d96496b682bd34be770a8f.tar.gz cpython-c7ec7808191fc29f75d96496b682bd34be770a8f.tar.bz2

[3.7] gh-97612: Fix shell injection in get-remote-certificate.py (#97613) (#97634)

Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run "openssl" commands. Issue reported and initial fix by Caleb Shortt. Remove the Windows code path to send "quit" on stdin to the "openssl s_client" command: use DEVNULL on all platforms instead. Co-authored-by: Caleb Shortt <caleb@rgauge.com> (cherry picked from commit 83a0f44ffd8b398673ae56c310cf5768d359c341)

Diffstat (limited to 'Python/pythonrun.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: