diff options
| author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2022-09-28 23:46:11 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-28 23:46:11 (GMT) |
| commit | 94582bb643f98bc58b1ff206d1d2a56f97c3a7e5 (patch) | |
| tree | 4e8fa98dc2f7ca0b905d7c8efa25bbfb00711973 /Tools/scripts | |
| parent | 7d60d10b6342f3fa7af1a65a6eba10d49945e769 (diff) | |
| download | cpython-94582bb643f98bc58b1ff206d1d2a56f97c3a7e5.zip cpython-94582bb643f98bc58b1ff206d1d2a56f97c3a7e5.tar.gz cpython-94582bb643f98bc58b1ff206d1d2a56f97c3a7e5.tar.bz2 | |
gh-97612: Fix shell injection in get-remote-certificate.py (GH-97613)
Fix a shell code injection vulnerability in the
get-remote-certificate.py example script. The script no longer uses a
shell to run "openssl" commands. Issue reported and initial fix by
Caleb Shortt.
Remove the Windows code path to send "quit" on stdin to the "openssl
s_client" command: use DEVNULL on all platforms instead.
Co-authored-by: Caleb Shortt <caleb@rgauge.com>
(cherry picked from commit 83a0f44ffd8b398673ae56c310cf5768d359c341)
Co-authored-by: Victor Stinner <vstinner@python.org>
Diffstat (limited to 'Tools/scripts')
| -rwxr-xr-x | Tools/scripts/get-remote-certificate.py | 25 |
1 files changed, 7 insertions, 18 deletions
diff --git a/Tools/scripts/get-remote-certificate.py b/Tools/scripts/get-remote-certificate.py index 3890128..68272fc 100755 --- a/Tools/scripts/get-remote-certificate.py +++ b/Tools/scripts/get-remote-certificate.py @@ -15,8 +15,8 @@ import tempfile def fetch_server_certificate (host, port): def subproc(cmd): - from subprocess import Popen, PIPE, STDOUT - proc = Popen(cmd, stdout=PIPE, stderr=STDOUT, shell=True) + from subprocess import Popen, PIPE, STDOUT, DEVNULL + proc = Popen(cmd, stdout=PIPE, stderr=STDOUT, stdin=DEVNULL) status = proc.wait() output = proc.stdout.read() return status, output @@ -33,8 +33,8 @@ def fetch_server_certificate (host, port): fp.write(m.group(1) + b"\n") try: tn2 = (outfile or tempfile.mktemp()) - status, output = subproc(r'openssl x509 -in "%s" -out "%s"' % - (tn, tn2)) + cmd = ['openssl', 'x509', '-in', tn, '-out', tn2] + status, output = subproc(cmd) if status != 0: raise RuntimeError('OpenSSL x509 failed with status %s and ' 'output: %r' % (status, output)) @@ -45,20 +45,9 @@ def fetch_server_certificate (host, port): finally: os.unlink(tn) - if sys.platform.startswith("win"): - tfile = tempfile.mktemp() - with open(tfile, "w") as fp: - fp.write("quit\n") - try: - status, output = subproc( - 'openssl s_client -connect "%s:%s" -showcerts < "%s"' % - (host, port, tfile)) - finally: - os.unlink(tfile) - else: - status, output = subproc( - 'openssl s_client -connect "%s:%s" -showcerts < /dev/null' % - (host, port)) + cmd = ['openssl', 's_client', '-connect', '%s:%s' % (host, port), '-showcerts'] + status, output = subproc(cmd) + if status != 0: raise RuntimeError('OpenSSL connect failed with status %s and ' 'output: %r' % (status, output)) |