diff options
| author | Uri Simchoni <uri@samba.org> | 2015-11-15 13:34:03 +0200 |
|---|---|---|
| committer | Uri Simchoni <uri@samba.org> | 2015-11-23 22:19:34 +0100 |
| commit | 22386dc39673f66de2dd57596447acf3c6c00ef7 (patch) | |
| tree | eb3f5522d9b8762fa8427a4b54d8ac4385a7b155 /python | |
| parent | e6f88c1451f8843fca9ca361cd2dbdf3e77ff47c (diff) | |
| download | samba-22386dc39673f66de2dd57596447acf3c6c00ef7.tar.gz | |
samba-tool: replace use of os.popen
The netcmd/domain.py module uses os.popen() on user-supplied
parameters. This opens up the way to code injection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11601
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Nov 23 22:19:34 CET 2015 on sn-devel-104
Diffstat (limited to 'python')
| -rw-r--r-- | python/samba/netcmd/domain.py | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py index 6726538fc1b..62f8bfa8153 100644 --- a/python/samba/netcmd/domain.py +++ b/python/samba/netcmd/domain.py @@ -31,6 +31,7 @@ import ctypes import random import tempfile import logging +import subprocess from getpass import getpass from samba.net import Net, LIBNET_JOIN_AUTOMATIC import samba.ntacls @@ -87,9 +88,16 @@ from samba.provision.common import ( ) def get_testparm_var(testparm, smbconf, varname): - cmd = "%s -s -l --parameter-name='%s' %s 2>/dev/null" % (testparm, varname, smbconf) - output = os.popen(cmd, 'r').readline() - return output.strip() + errfile = open(os.devnull, 'w') + p = subprocess.Popen([testparm, '-s', '-l', + '--parameter-name=%s' % varname, smbconf], + stdout=subprocess.PIPE, stderr=errfile) + (out,err) = p.communicate() + errfile.close() + lines = out.split('\n') + if lines: + return lines[0].strip() + return "" try: import samba.dckeytab |