eval being used in session.py
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| OpenStack Compute (nova) | Confirmed | Low | Unassigned | |
| OpenStack Security Advisory | Won't Fix | Undecided | Unassigned | |
Bug Description
There's a FIXME comment saying eval is evil (which it is obviously) in
the file below:

/opt/stack/

```python
def _unwrap_
    """Parse exception details."""
    try:
        return func(*args, **kwargs)
    except self.XenAPI.Failure as exc:
        if (len(exc.details) == 4 and
        else:
    except xmlrpclib.
        raise
```

This should indeed be fixed, as it looks like an arbitrary plugin can now
potentially achieve arbitrary code execution by throwing specifically
prepared XenAPI Failure exceptions.

This code has been here from the beginning according to the git logs at
http://
so the FIXME comment has existed since at least 2013-11-22.
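As an added illustration (not code from nova or from the reporter), the following contrasts the pattern the report objects to, `eval()` run over the plugin-supplied `exc.details[3]`, with a hardened variant that parses that field with `ast.literal_eval`, which accepts only Python literals and rejects calls, names and attribute access. The `Failure` class, the unwrapper names, the `unwrap_result` helper and the four-element details list are constructed for this example; only the `len(exc.details) == 4` check is taken from the snippet above, and whether nova's eventual fix used `ast.literal_eval` is not stated on this page.

```python
import ast


class Failure(Exception):
    """Stand-in for XenAPI.Failure (constructed for this example). A plugin
    error comes back as a list of strings in .details, so the plugin, not
    nova, decides what details[3] contains."""

    def __init__(self, details):
        super().__init__(details)
        self.details = details


def unwrap_with_eval(func, *args, **kwargs):
    """The pattern described in the report: details[3] is handed to eval(),
    so any expression the plugin chooses to send is executed in this process."""
    try:
        return func(*args, **kwargs)
    except Failure as exc:
        if len(exc.details) == 4:          # shape check taken from the snippet
            params = eval(exc.details[3])  # executes whatever the plugin sent
            raise Failure(params)
        raise


def unwrap_with_literal_eval(func, *args, **kwargs):
    """Hardened form (assumed mitigation): ast.literal_eval only builds
    strings, numbers, tuples, lists, dicts, sets, booleans and None. Anything
    else raises ValueError (or SyntaxError for non-Python text)."""
    try:
        return func(*args, **kwargs)
    except Failure as exc:
        if len(exc.details) == 4:
            try:
                params = ast.literal_eval(exc.details[3])
            except (ValueError, SyntaxError):
                # Not a literal: re-raise the original failure untouched
                # instead of evaluating the field.
                raise exc
            raise Failure(params)
        raise


def unwrap_result(unwrapper, payload):
    """Run `unwrapper` against a plugin call that fails with `payload` in
    details[3] and return the .details of the Failure that comes out.
    The first three elements are constructed sample values."""

    def plugin_call():
        raise Failure(['XENAPI_PLUGIN_EXCEPTION', 'plugin', 'Failure', payload])

    try:
        unwrapper(plugin_call)
    except Failure as exc:
        return exc.details
    return None


if __name__ == '__main__':
    literal = "['a', 'b']"
    call_expr = "len('not a literal')"
    # Both unwrappers accept a genuine literal payload.
    print(unwrap_result(unwrap_with_eval, literal))          # ['a', 'b']
    print(unwrap_result(unwrap_with_literal_eval, literal))  # ['a', 'b']
    # Only eval() runs a call expression; literal_eval leaves the failure as-is.
    print(unwrap_result(unwrap_with_eval, call_expr))          # 13
    print(unwrap_result(unwrap_with_literal_eval, call_expr))  # original 4-element list
```

`ast.literal_eval` still parses attacker-supplied text, so deeply nested input can exhaust the parser; where the plugin protocol can be changed, a fixed serialisation such as JSON with a schema check is the more defensible choice than any form of Python evaluation.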
Changed in ossa:
status: Incomplete → Won't Fix

Changed in nova:
status: New → Confirmed
importance: Undecided → Low

Changed in nova:
assignee: nobody → Abhilash Goyal (abhilash-goyal)

Changed in nova:
assignee: Abhilash Goyal (abhilash-goyal) → nobody
status: In Progress → Confirmed

Changed in nova:
assignee: nobody → Tanvir Talukder (tanvirt16)

Changed in nova:
assignee: Tanvir Talukder (tanvirt16) → nobody
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.