ufw

crashes on corrupt comments in config [PATCH]

Bug #1709856 reported by Andrew Gallagher on 2017-08-10
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ufw
Undecided
Unassigned

Bug Description

ufw 0.35 (xenial) but issue appears to be in HEAD also.

When running against a config with a corrupted comment line in /etc/ufw/user.rules, 'ufw status' crashes:

# ufw status
Traceback (most recent call last):
  File "/usr/sbin/ufw", line 137, in <module>
    res = ui.do_action(pr.action, "", "", pr.force)
  File "/usr/lib/python3/dist-packages/ufw/frontend.py", line 631, in do_action
    res = self.get_status()
  File "/usr/lib/python3/dist-packages/ufw/frontend.py", line 256, in get_status
    out = self.backend.get_status(verbose, show_count)
  File "/usr/lib/python3/dist-packages/ufw/backend_iptables.py", line 419, in get_status
    comment_str = " # %s" % r.get_comment()
  File "/usr/lib/python3/dist-packages/ufw/common.py", line 343, in get_comment
    return ufw.util.hex_decode(self.comment)
  File "/usr/lib/python3/dist-packages/ufw/util.py", line 1066, in hex_decode
    return binascii.unhexlify(h).decode('utf-8')
binascii.Error: Non-hexadecimal digit found

In my case, this was because someone had hand-edited the user.rules file and mangled the comment field.

Since ufw was otherwise functional, it would be better to handle this error gracefully. The simplest method might be to return an error in the displayed comment rather than throwing a fatal exception.

PATCH FOLLOWS
-------------

*** /usr/lib/python3/dist-packages/ufw/util.py.dist 2017-08-10 11:23:21.135971293 +0000
--- /usr/lib/python3/dist-packages/ufw/util.py 2017-08-10 11:09:25.973565437 +0000
*************** def hex_decode(h):
*** 1063,1066 ****
      '''Take a hex string and convert it to a string'''
      if sys.version_info[0] < 3:
          return h.decode(encoding='hex').decode('utf-8')
! return binascii.unhexlify(h).decode('utf-8')
--- 1063,1069 ----
      '''Take a hex string and convert it to a string'''
      if sys.version_info[0] < 3:
          return h.decode(encoding='hex').decode('utf-8')
! try:
! return binascii.unhexlify(h).decode('utf-8')
! except:
! return '<Bad string>'

Andrew Gallagher (andrewg-l) wrote :

s/user.conf/user.rules/g

description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers