Use of eval in /cinder/volume/drivers/emc/emc_vmax_fc.py has potential security issue

Bug #1368013 reported by Zhang Yun
Affects                       | Status     | Importance | Assigned to | Milestone
Cinder                        | New        | Undecided  | Unassigned  |
OpenStack Security Advisory   | Incomplete | Undecided  | Unassigned  |

Bug Description

Could someone give more explanation here of what the use of eval is for and where the input comes from? Please help make sure the use is safe. If it is coming from a user then it is a security vulnerability.

Can anyone add some comments to the code saying what it is doing?

The same concern occurred in /cinder/volume/drivers/emc/emc_vmax_common.py:

loc = volume['provider_location']
if isinstance(loc, six.string_types):
    # provider_location is stored as a string; it is turned back into a
    # dict here. This is the line with the described issue: eval executes
    # whatever Python expression the string contains.
    name = eval(loc)

    instancename = self.utils.get_instance_name(
        name['classname'], name['keybindings'])
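Added example, not code from the Cinder driver or the bug reporter: it shows how the provider_location string could be turned back into a dict with ast.literal_eval instead of eval. literal_eval accepts only Python literals, so a string carrying a call, attribute access or name fails with an error instead of running. The 'classname' and 'keybindings' keys come from the snippet above; the volume values are constructed, and the Python 3 `str` check stands in for `six.string_types`.

```python
import ast


def parse_provider_location(loc):
    """Return provider_location as a dict without executing any code.

    Mirrors the driver's flow (a string is converted to a dict, a dict is
    used as-is) but replaces eval() with ast.literal_eval(), which only
    builds literals: strings, numbers, dicts, lists, tuples, bools, None.
    Anything else raises ValueError instead of being evaluated.
    """
    if not isinstance(loc, str):      # assumption: str stands in for six.string_types
        name = loc
    else:
        try:
            name = ast.literal_eval(loc)
        except (ValueError, SyntaxError) as exc:
            raise ValueError("provider_location is not a literal: %r" % (loc,)) from exc

    if not isinstance(name, dict):
        raise ValueError("provider_location must describe a dict, got %r" % (name,))
    for key in ("classname", "keybindings"):   # keys the driver reads
        if key not in name:
            raise ValueError("provider_location is missing %r" % key)
    return name


def is_parseable(loc):
    """True if loc is accepted by parse_provider_location, False otherwise."""
    try:
        parse_provider_location(loc)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample: the literal dict form the driver expects.
    good = "{'classname': 'Symm_StorageVolume', 'keybindings': {'DeviceID': '00123'}}"
    # Constructed sample: same shape, but one value is a call expression.
    # eval() would execute it; literal_eval refuses it.
    bad = "{'classname': str('Symm_StorageVolume'), 'keybindings': {}}"
    print(parse_provider_location(good)["classname"])  # Symm_StorageVolume
    print(is_parseable(bad))                          # False
```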

Zhang Yun (zhangyun)
information type: Private Security → Public Security
Zhang Yun (zhangyun)
description: updated
Revision history for this message
Thierry Carrez (ttx) wrote:

I'm pretty sure this string is not user-provided, but will wait for Cinder dev's analysis.

Changed in ossa:
status: New → Incomplete