Show More
@@ -29,7 +29,7 b' jobs:' | |||
|
29 | 29 | - name: Install dependencies |
|
30 | 30 | run: | |
|
31 | 31 | python -m pip install --upgrade pip |
|
32 | pip install darker | |
|
32 | pip install darker black==21.12b0 | |
|
33 | 33 | - name: Lint with darker |
|
34 | 34 | run: | |
|
35 | 35 | darker -r 60625f241f298b5039cb2debc365db38aa7bb522 --check --diff . || ( |
@@ -11,6 +11,7 b' import string' | |||
|
11 | 11 | import subprocess |
|
12 | 12 | import time |
|
13 | 13 | |
|
14 | ||
|
14 | 15 | def test_cve_2022_21699(): |
|
15 | 16 | """ |
|
16 | 17 | Here we test CVE-2022-21699. |
@@ -23,34 +24,42 b' def test_cve_2022_21699():' | |||
|
23 | 24 | |
|
24 | 25 | """ |
|
25 | 26 | |
|
26 |
dangerous_profile_dir = Path( |
|
|
27 | dangerous_profile_dir = Path("profile_default") | |
|
27 | 28 | |
|
28 |
dangerous_startup_dir = dangerous_profile_dir / |
|
|
29 | dangerous_expected = 'CVE-2022-21699-'+''.join([random.choice(string.ascii_letters) for i in range(10)]) | |
|
29 | dangerous_startup_dir = dangerous_profile_dir / "startup" | |
|
30 | dangerous_expected = "CVE-2022-21699-" + "".join( | |
|
31 | [random.choice(string.ascii_letters) for i in range(10)] | |
|
32 | ) | |
|
30 | 33 | |
|
31 | 34 | with TemporaryWorkingDirectory() as t: |
|
32 | 35 | dangerous_startup_dir.mkdir(parents=True) |
|
33 |
(dangerous_startup_dir/ |
|
|
36 | (dangerous_startup_dir / "foo.py").write_text(f'print("{dangerous_expected}")') | |
|
34 | 37 | # 1 sec to make sure FS is flushed. |
|
35 | 38 | #time.sleep(1) |
|
36 |
cmd = [sys.executable, |
|
|
39 | cmd = [sys.executable, "-m", "IPython"] | |
|
37 | 40 | env = os.environ.copy() |
|
38 |
env[ |
|
|
39 | ||
|
41 | env["IPY_TEST_SIMPLE_PROMPT"] = "1" | |
|
40 | 42 | |
|
41 | 43 | # First we fake old behavior, making sure the profile is/was actually dangerous |
|
42 | p_dangerous = subprocess.Popen(cmd + [f'--profile-dir={dangerous_profile_dir}'], env=env, stdin=subprocess.PIPE, | |
|
43 | stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
|
44 | p_dangerous = subprocess.Popen( | |
|
45 | cmd + [f"--profile-dir={dangerous_profile_dir}"], | |
|
46 | env=env, | |
|
47 | stdin=subprocess.PIPE, | |
|
48 | stdout=subprocess.PIPE, | |
|
49 | stderr=subprocess.PIPE, | |
|
50 | ) | |
|
44 | 51 | out_dangerous, err_dangerouns = p_dangerous.communicate(b"exit\r") |
|
45 | 52 | assert dangerous_expected in out_dangerous.decode() |
|
46 | 53 | |
|
47 | 54 | # Now that we know it _would_ have been dangerous, we test it's not loaded |
|
48 |
p = subprocess.Popen( |
|
|
49 | stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
|
55 | p = subprocess.Popen( | |
|
56 | cmd, | |
|
57 | env=env, | |
|
58 | stdin=subprocess.PIPE, | |
|
59 | stdout=subprocess.PIPE, | |
|
60 | stderr=subprocess.PIPE, | |
|
61 | ) | |
|
50 | 62 | out, err = p.communicate(b"exit\r") |
|
51 |
assert b |
|
|
63 | assert b"IPython" in out | |
|
52 | 64 | assert dangerous_expected not in out.decode() |
|
53 |
assert err == b |
|
|
54 | ||
|
55 | ||
|
56 | ||
|
65 | assert err == b"" |
General Comments 0
You need to be logged in to leave comments.
Login now