Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[utilities_common] replace shell=True #2718

Merged
merged 21 commits into from
May 31, 2023
Merged

Conversation

maipbui
Copy link
Contributor

@maipbui maipbui commented Mar 6, 2023

What I did

subprocess() - when using with shell=True is dangerous. Using subprocess function without a static string can lead to command injection.

How I did it

remove shell=True in utilities_common.cli.run_command() function.
subprocess() - use shell=False instead, use list of strings Ref: https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation

How to verify it

Pass UT
Manual test

Previous command output (if the output of a command-line utility has changed)

New command output (if the output of a command-line utility has changed)

Signed-off-by: maipbui <[email protected]>
Signed-off-by: maipbui <[email protected]>
config/main.py Outdated
clicommon.run_command('hostname -F /etc/hostname', display_cmd=True)
clicommon.run_command(r'sed -i "/\s{}$/d" /etc/hosts'.format(current_hostname), display_cmd=True)
clicommon.run_command('echo "127.0.0.1 {}" >> /etc/hosts'.format(hostname), display_cmd=True)
with open('etc/hostname', 'w') as f:
Copy link
Contributor

@qiluo-msft qiluo-msft Mar 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

etc/hostname

It should be absolute path. #Closed

config/main.py Outdated
f.write(str(hostname) + '\n')
clicommon.run_command(['hostname', '-F', '/etc/hostname'], display_cmd=True)
clicommon.run_command(['sed', '-i', "/\s{}$/d".format(current_hostname), '/etc/hosts'], display_cmd=True)
with open('etc/hosts', 'a') as f:
Copy link
Contributor

@qiluo-msft qiluo-msft Mar 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

etc/hosts

The same #Closed

Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
@maipbui maipbui marked this pull request as draft May 2, 2023 20:16
@@ -1305,9 +1303,9 @@ def load(filename, yes):
return

if namespace is None:
command = "{} -j {} --write-to-db".format(SONIC_CFGGEN_PATH, file)
Copy link
Contributor

@qiluo-msft qiluo-msft May 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

--write-to-db

Why remove "--write-to-db" ? #Closed

config/main.py Outdated
# Ignore error for IPv6 configuration command due to it not allows config the same IP twice
clicommon.run_command(command, display_cmd=True, ignore_error=True)
command = "ip{} route add default via {} dev eth0 table default".format(" -6" if mgmt_conf.version == 6 else "", gw_addr)
command = ['ip{}'.format(" -6" if mgmt_conf.version == 6 else ""), 'route', 'add', 'default', 'via', str(gw_addr), 'dev', 'eth0', 'table', 'default']
Copy link
Contributor

@qiluo-msft qiluo-msft May 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

" -6"

Should be the 2nd arg #Closed

config/main.py Outdated
clicommon.run_command(command, display_cmd=True, ignore_error=True)
command = "ip{} rule add from {} table default".format(" -6" if mgmt_conf.version == 6 else "", str(mgmt_conf.ip))
command = ['ip{}'.format(" -6" if mgmt_conf.version == 6 else ""), 'rule', 'add', 'from', str(mgmt_conf.ip), 'table', 'default']
Copy link
Contributor

@qiluo-msft qiluo-msft May 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

" -6"

The same. #Closed

config/main.py Outdated
clicommon.run_command(command, display_cmd=True, ignore_error=True)
pid_cmd = ['cat', '/var/run/dhclient.eth0.pid']
_, pid = getstatusoutput_noshell(pid_cmd)
cmd0 = ['[', '-f', '/var/run/dhclient.eth0.pid', ']']
Copy link
Contributor

@qiluo-msft qiluo-msft May 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'-f'

-f is a bash/sh feature, I guess you need to run_command with shell=True to have this feature. Could you check? If yes, you may consider using python to check, like os.path.isfile(path). #Closed

show/platform.py Outdated
cmd = "sudo ssdutil -d " + device
options = " -v" if verbose else ""
options += " -e" if vendor else ""
cmd = ['sudo', 'ssdutil', '-d', device]
Copy link
Contributor

@qiluo-msft qiluo-msft May 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

device

Is it always a str? #Closed

Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
config/main.py Outdated


def _get_sonic_services():
out, _ = clicommon.run_command("systemctl list-dependencies --plain sonic.target | sed '1d'", return_cmd=True)
cmd = "systemctl list-dependencies --plain sonic.target | sed '1d'"
out, _ = clicommon.run_command(cmd, return_cmd=True, shell=True)
Copy link
Contributor

@qiluo-msft qiluo-msft May 24, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cmd

you may use one command systemctl list-dependencies --plain sonic.target.
And then parse the output in python instead of sed. #Closed

Signed-off-by: Mai Bui <[email protected]>
@maipbui maipbui marked this pull request as ready for review May 25, 2023 19:17
qiluo-msft
qiluo-msft previously approved these changes May 25, 2023
Signed-off-by: Mai Bui <[email protected]>
Signed-off-by: Mai Bui <[email protected]>
@maipbui maipbui merged commit 5750057 into sonic-net:master May 31, 2023
@maipbui maipbui deleted the util_cli_pysec branch May 31, 2023 13:00
dprital added a commit to dprital/sonic-buildimage that referenced this pull request Jun 5, 2023
Update sonic-utilities submodule pointer to include the following:
* 5c9b2177 Fix issue: out of range sflow polling interval is accepted and stored in config_db ([sonic-net#2847](sonic-net/sonic-utilities#2847))
* 72ca4848 Add CLI configuration options for teamd retry count feature ([sonic-net#2642](sonic-net/sonic-utilities#2642))
* 359dfc0c [Clock] Implement clock CLI ([sonic-net#2793](sonic-net/sonic-utilities#2793))
* b316fc27 Add transceiver status CLI to show output from TRANSCEIVER_STATUS table ([sonic-net#2772](sonic-net/sonic-utilities#2772))
* dc59dbd2 Replace pickle by json ([sonic-net#2849](sonic-net/sonic-utilities#2849))
* a66f41c4 [show] replace shell=True, replace xml by lxml, replace exit by sys.exit ([sonic-net#2666](sonic-net/sonic-utilities#2666))
* 57500572 [utilities_common] replace shell=True ([sonic-net#2718](sonic-net/sonic-utilities#2718))
* 6e0ee3e7 [CRM][DASH] Extend CRM utility to support DASH resources. ([sonic-net#2800](sonic-net/sonic-utilities#2800))
* b2c29b0b [config] Generate sysinfo in single asic ([sonic-net#2856](sonic-net/sonic-utilities#2856))

Signed-off-by: dprital <[email protected]>
StormLiangMS pushed a commit to sonic-net/sonic-buildimage that referenced this pull request Jun 5, 2023
…nic-utilities submodule on master (#15193)

Dependency:
sonic-net/sonic-utilities#2718

Why I did it
This PR sonic-net/sonic-utilities#2718 reduce shell=True usage in utilities_common.cli.run_command() function.

Work item tracking
Microsoft ADO (number only): 15022050
How I did it
Replace strings commands using utilities_common.cli.run_command() function to list of strings

due to circular dependency, advance sonic-utilities submodule
72ca4848 (HEAD -> master, upstream/master, upstream/HEAD) Add CLI configuration options for teamd retry count feature (sonic-net/sonic-utilities#2642)
359dfc0c [Clock] Implement clock CLI (sonic-net/sonic-utilities#2793)
b316fc27 Add transceiver status CLI to show output from TRANSCEIVER_STATUS table (sonic-net/sonic-utilities#2772)
dc59dbd2 Replace pickle by json (sonic-net/sonic-utilities#2849)
a66f41c4 [show] replace shell=True, replace xml by lxml, replace exit by sys.exit (sonic-net/sonic-utilities#2666)
57500572 [utilities_common] replace shell=True (sonic-net/sonic-utilities#2718)
6e0ee3e7 [CRM][DASH] Extend CRM utility to support DASH resources. (sonic-net/sonic-utilities#2800)
b2c29b0b [config] Generate sysinfo in single asic (sonic-net/sonic-utilities#2856)
pdhruv-marvell pushed a commit to pdhruv-marvell/sonic-utilities that referenced this pull request Aug 23, 2023
#### What I did
`subprocess()` - when using with `shell=True` is dangerous. Using subprocess function without a static string can lead to command injection.
#### How I did it
remove shell=True in utilities_common.cli.run_command() function.
`subprocess()` - use `shell=False` instead, use list of strings Ref: [https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation](https://semgrep.dev/docs/cheat-sheets/python-command-injection/#mitigation)
#### How to verify it
Pass UT
Manual test
Signed-off-by: Mai Bui <[email protected]>
@maipbui maipbui mentioned this pull request Sep 14, 2023
maipbui added a commit that referenced this pull request Sep 15, 2023
Resolves sonic-net/sonic-buildimage#16542
#### What I did
Update str -> list[str] commands which were missed in #2718
#### How I did it
#### How to verify it
Pass UT. Manual test, issue resolved, tested in internal.79435802-3bbd91c86e version
Signed-off-by: Mai Bui <[email protected]>
yaqiangz pushed a commit to yaqiangz/sonic-utilities that referenced this pull request Sep 20, 2023
Resolves sonic-net/sonic-buildimage#16542
Update str -> list[str] commands which were missed in sonic-net#2718
Pass UT. Manual test, issue resolved, tested in internal.79435802-3bbd91c86e version
Signed-off-by: Mai Bui <[email protected]>
This was referenced Sep 20, 2023
yaqiangz added a commit that referenced this pull request Sep 20, 2023
Why I did
Use static str to run_command would encounter error because change in this PR: #2718.

How I did it
Change command from static str to list.

How to verify it
UT passed.
Build whl and install in testbed.

Signed-off-by: Yaqiang Zhu <[email protected]>
sonic-otn pushed a commit to sonic-otn/sonic-buildimage that referenced this pull request Sep 20, 2023
…nic-utilities submodule on master (sonic-net#15193)

Dependency:
sonic-net/sonic-utilities#2718

Why I did it
This PR sonic-net/sonic-utilities#2718 reduce shell=True usage in utilities_common.cli.run_command() function.

Work item tracking
Microsoft ADO (number only): 15022050
How I did it
Replace strings commands using utilities_common.cli.run_command() function to list of strings

due to circular dependency, advance sonic-utilities submodule
72ca4848 (HEAD -> master, upstream/master, upstream/HEAD) Add CLI configuration options for teamd retry count feature (sonic-net/sonic-utilities#2642)
359dfc0c [Clock] Implement clock CLI (sonic-net/sonic-utilities#2793)
b316fc27 Add transceiver status CLI to show output from TRANSCEIVER_STATUS table (sonic-net/sonic-utilities#2772)
dc59dbd2 Replace pickle by json (sonic-net/sonic-utilities#2849)
a66f41c4 [show] replace shell=True, replace xml by lxml, replace exit by sys.exit (sonic-net/sonic-utilities#2666)
57500572 [utilities_common] replace shell=True (sonic-net/sonic-utilities#2718)
6e0ee3e7 [CRM][DASH] Extend CRM utility to support DASH resources. (sonic-net/sonic-utilities#2800)
b2c29b0b [config] Generate sysinfo in single asic (sonic-net/sonic-utilities#2856)
StormLiangMS pushed a commit that referenced this pull request Sep 21, 2023
Why I did
Use static str to run_command would encounter error because change in this PR: #2718.

How I did it
Change command from static str to list.

How to verify it
UT passed.
Build whl and install in testbed.

Signed-off-by: Yaqiang Zhu <[email protected]>
JunhongMao pushed a commit to JunhongMao/sonic-utilities that referenced this pull request Oct 4, 2023
Resolves sonic-net/sonic-buildimage#16542
#### What I did
Update str -> list[str] commands which were missed in sonic-net#2718
#### How I did it
#### How to verify it
Pass UT. Manual test, issue resolved, tested in internal.79435802-3bbd91c86e version
Signed-off-by: Mai Bui <[email protected]>
JunhongMao pushed a commit to JunhongMao/sonic-utilities that referenced this pull request Oct 4, 2023
Why I did
Use static str to run_command would encounter error because change in this PR: sonic-net#2718.

How I did it
Change command from static str to list.

How to verify it
UT passed.
Build whl and install in testbed.

Signed-off-by: Yaqiang Zhu <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants