in service.py validate_template, we do an env.get_class bypassing
the global_environment(), which ends up calling
template_resource.generate_class, which wrongly defaults the get_template_file
allowed schemas to "('file',)"
The net result of this is that any call to template-validate which
specifies type: foo.yaml will read that file from the filesystem of the
heat service - this actually means template-validate calls which should
fail work on typical devstack env's where the client and heat-engine are
co-located (it took me a while to work out why!!)
I've not figured out any way for this to be exploitable, but it definitely
seems wrong that we allow user-provided paths to be read like this,
and there could be some risk if folks could work out a way to make
validation blow up with a stack-trace containing any file contents.
in service.py validate_template, we do an env.get_class bypassing environment( ), which ends up calling resource. generate_ class, which wrongly defaults the get_template_file
the global_
template_
allowed schemas to "('file',)"
https:/ /github. com/openstack/ heat/blob/ master/ heat/engine/ service. py#L958 /github. com/openstack/ heat/blob/ master/ heat/engine/ resources/ template_ resource. py#L31
https:/
The net result of this is that any call to template-validate which
specifies type: foo.yaml will read that file from the filesystem of the
heat service - this actually means template-validate calls which should
fail work on typical devstack env's where the client and heat-engine are
co-located (it took me a while to work out why!!)
I've not figured out any way for this to be exploitable, but it definitely
seems wrong that we allow user-provided paths to be read like this,
and there could be some risk if folks could work out a way to make
validation blow up with a stack-trace containing any file contents.