"""
Test that CVEs stay fixed.

Each test in this module is a regression test for a published IPython CVE: it
rebuilds the conditions the advisory describes, first confirming that the
fixture really would have triggered the old behaviour, then asserting the fixed
behaviour so that a reintroduced bug fails the suite.
"""
from IPython.utils.tempdir import TemporaryDirectory, TemporaryWorkingDirectory | ||||
from pathlib import Path | ||||
import random | ||||
import sys | ||||
import os | ||||
import string | ||||
import subprocess | ||||
import time | ||||
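def test_cve_2022_21699():
    """
    Regression test for CVE-2022-21699.

    IPython used to pick up ``profile_default/startup/*.py`` relative to the
    current working directory, so merely starting IPython inside a crafted
    directory ran the files in it. The test creates a temporary working
    directory holding such a startup file that prints a random marker, then:

    1. starts IPython with ``--profile-dir`` pointing at that directory and
       asserts the marker is printed -- this proves the fixture *would* run
       if the profile were selected, so the second step is meaningful;
    2. starts IPython with no profile argument and asserts the marker does
       not appear, i.e. the profile in the CWD is no longer loaded.

    Raises:
        AssertionError: if the fixture is not executed when explicitly
            selected, or if it *is* executed (or anything lands on stderr)
            when no profile is selected.
        subprocess.TimeoutExpired: if an IPython child does not exit after
            being fed ``exit``; the child is killed first.
    """
    dangerous_profile_dir = Path("profile_default")
    dangerous_startup_dir = dangerous_profile_dir / "startup"
    # Random marker so output from any other source cannot accidentally satisfy
    # the assertion; ascii letters only, so it is safe inside the print() literal.
    dangerous_expected = "CVE-2022-21699-" + "".join(
        random.choices(string.ascii_letters, k=10)
    )
    with TemporaryWorkingDirectory():
        dangerous_startup_dir.mkdir(parents=True)
        (dangerous_startup_dir / "foo.py").write_text(
            f'print("{dangerous_expected}")'
        )
        cmd = [sys.executable, "-m", "IPython"]
        env = os.environ.copy()
        env["IPY_TEST_SIMPLE_PROMPT"] = "1"

        def run_ipython(extra_args):
            """Run IPython with *extra_args*, feed it ``exit``, return (stdout, stderr).

            The timeout (generous, constructed value) turns a hung interpreter
            into a test failure instead of a stuck job; on expiry the child is
            killed and reaped before TimeoutExpired propagates.
            """
            with subprocess.Popen(
                cmd + extra_args,
                env=env,
                stdin=subprocess.PIPE,
                stdout=subprocess.PIPE,
                stderr=subprocess.PIPE,
            ) as proc:
                try:
                    return proc.communicate(b"exit\r", timeout=120)
                except subprocess.TimeoutExpired:
                    proc.kill()
                    proc.communicate()
                    raise

        # First fake the old behaviour: with the profile selected explicitly the
        # startup file must run, proving the fixture is actually dangerous.
        out_dangerous, _err_dangerous = run_ipython(
            [f"--profile-dir={dangerous_profile_dir}"]
        )
        assert dangerous_expected in out_dangerous.decode()

        # Now the real check: a bare IPython started in this CWD must not load
        # the profile, and must not complain about it on stderr either.
        out, err = run_ipython([])
        assert b"IPython" in out
        assert dangerous_expected not in out.decode()
        assert err == b""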