Show More
| @@ -0,0 +1,56 b'' | |||||
|
|
1 | """ | |||
|
|
2 | Test that CVEs stay fixed. | |||
|
|
3 | """ | |||
|
|
4 | ||||
|
|
5 | from IPython.utils.tempdir import TemporaryDirectory, TemporaryWorkingDirectory | |||
|
|
6 | from pathlib import Path | |||
|
|
7 | import random | |||
|
|
8 | import sys | |||
|
|
9 | import os | |||
|
|
10 | import string | |||
|
|
11 | import subprocess | |||
|
|
12 | import time | |||
|
|
13 | ||||
|
|
14 | def test_cve_2022_21699(): | |||
|
|
15 | """ | |||
|
|
16 | Here we test CVE-2022-21699. | |||
|
|
17 | ||||
|
|
18 | We create a temporary directory, cd into it. | |||
|
|
19 | Make a profile file that should not be executed and start IPython in a subprocess, | |||
|
|
20 | checking for the value. | |||
|
|
21 | ||||
|
|
22 | ||||
|
|
23 | ||||
|
|
24 | """ | |||
|
|
25 | ||||
|
|
26 | dangerous_profile_dir = Path('profile_default') | |||
|
|
27 | ||||
|
|
28 | dangerous_startup_dir = dangerous_profile_dir / 'startup' | |||
|
|
29 | dangerous_expected = 'CVE-2022-21699-'+''.join([random.choice(string.ascii_letters) for i in range(10)]) | |||
|
|
30 | ||||
|
|
31 | with TemporaryWorkingDirectory() as t: | |||
|
|
32 | dangerous_startup_dir.mkdir(parents=True) | |||
|
|
33 | (dangerous_startup_dir/ 'foo.py').write_text(f'print("{dangerous_expected}")') | |||
|
|
34 | # 1 sec to make sure FS is flushed. | |||
|
|
35 | #time.sleep(1) | |||
|
|
36 | cmd = [sys.executable,'-m', 'IPython'] | |||
|
|
37 | env = os.environ.copy() | |||
|
|
38 | env['IPY_TEST_SIMPLE_PROMPT'] = '1' | |||
|
|
39 | ||||
|
|
40 | ||||
|
|
41 | # First we fake old behavior, making sure the profile is/was actually dangerous | |||
|
|
42 | p_dangerous = subprocess.Popen(cmd + [f'--profile-dir={dangerous_profile_dir}'], env=env, stdin=subprocess.PIPE, | |||
|
|
43 | stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |||
|
|
44 | out_dangerous, err_dangerouns = p_dangerous.communicate(b"exit\r") | |||
|
|
45 | assert dangerous_expected in out_dangerous.decode() | |||
|
|
46 | ||||
|
|
47 | # Now that we know it _would_ have been dangerous, we test it's not loaded | |||
|
|
48 | p = subprocess.Popen(cmd, env=env, stdin=subprocess.PIPE, | |||
|
|
49 | stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |||
|
|
50 | out, err = p.communicate(b"exit\r") | |||
|
|
51 | assert b'IPython' in out | |||
|
|
52 | assert dangerous_expected not in out.decode() | |||
|
|
53 | assert err == b'' | |||
|
|
54 | ||||
|
|
55 | ||||
|
|
56 | ||||
General Comments 0
You need to be logged in to leave comments.
Login now