Merge pull request from GHSA-pq7m-3gw7-gq5x...
Matthias Bussonnier -
@@ -0,0 +1,56 b''
1 """
2 Test that CVEs stay fixed.
3 """
4
5 from IPython.utils.tempdir import TemporaryDirectory, TemporaryWorkingDirectory
6 from pathlib import Path
7 import random
8 import sys
9 import os
10 import string
11 import subprocess
12 import time
13
14 def test_cve_2022_21699():
15 """
16 Here we test CVE-2022-21699.
17
18 We create a temporary directory, cd into it.
19 Make a profile file that should not be executed and start IPython in a subprocess,
20 checking for the value.
21
22
23
24 """
25
26 dangerous_profile_dir = Path('profile_default')
27
28 dangerous_startup_dir = dangerous_profile_dir / 'startup'
29 dangerous_expected = 'CVE-2022-21699-'+''.join([random.choice(string.ascii_letters) for i in range(10)])
30
31 with TemporaryWorkingDirectory() as t:
32 dangerous_startup_dir.mkdir(parents=True)
33 (dangerous_startup_dir/ 'foo.py').write_text(f'print("{dangerous_expected}")')
34 # 1 sec to make sure FS is flushed.
35 #time.sleep(1)
36 cmd = [sys.executable,'-m', 'IPython']
37 env = os.environ.copy()
38 env['IPY_TEST_SIMPLE_PROMPT'] = '1'
39
40
41 # First we fake old behavior, making sure the profile is/was actually dangerous
42 p_dangerous = subprocess.Popen(cmd + [f'--profile-dir={dangerous_profile_dir}'], env=env, stdin=subprocess.PIPE,
43 stdout=subprocess.PIPE, stderr=subprocess.PIPE)
44 out_dangerous, err_dangerouns = p_dangerous.communicate(b"exit\r")
45 assert dangerous_expected in out_dangerous.decode()
46
47 # Now that we know it _would_ have been dangerous, we test it's not loaded
48 p = subprocess.Popen(cmd, env=env, stdin=subprocess.PIPE,
49 stdout=subprocess.PIPE, stderr=subprocess.PIPE)
50 out, err = p.communicate(b"exit\r")
51 assert b'IPython' in out
52 assert dangerous_expected not in out.decode()
53 assert err == b''
54
55
56
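Review bot: The test only proves that a startup file under `profile_default/startup` in the CWD is no longer executed, yet the same commit also drops the CWD from `config_file_paths`, so a CWD `ipython_config.py` (presumably what that trait resolves) is left uncovered by this file. A second fixture inside the same `TemporaryWorkingDirectory`, `Path('ipython_config.py').write_text(f'print("{dangerous_expected}")')`, with the same "absent from `out`" assertion would pin that half of the fix too. Both `communicate()` calls on lines 44 and 50 have no timeout, so a regression that leaves IPython waiting on stdin would hang the suite instead of failing; `p.communicate(b"exit\r", timeout=60)` bounds it. Minor: `err_dangerouns` on line 44 is misspelled, and the unused `time`/`TemporaryDirectory` imports plus the commented-out sleep on line 35 can be dropped.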
@@ -65,6 +65,10 b" __author__ = '%s <%s>' % (release.author, release.author_email)"
65 __license__ = release.license
65 __license__ = release.license
66 __version__ = release.version
66 __version__ = release.version
67 version_info = release.version_info
67 version_info = release.version_info
68 # list of CVEs that should have been patched in this release.
69 # this is informational and should not be relied upon.
70 __patched_cves__ = {"CVE-2022-21699"}
71
68
72
69 def embed_kernel(module=None, local_ns=None, **kwargs):
73 def embed_kernel(module=None, local_ns=None, **kwargs):
70 """Embed and start an IPython kernel in a given scope.
74 """Embed and start an IPython kernel in a given scope.
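Review bot: `__patched_cves__` on line 70 is a plain mutable set, so any importer can `add`/`discard` entries of what is meant as release metadata; `__patched_cves__ = frozenset({"CVE-2022-21699"})` keeps the same membership semantics while making it read-only. The comment that it is informational only is the right caveat — consumers should gate on `__version__`, not this set, before trusting a fix, and it may be worth saying so in the comment. `embed_kernel` begins on the last hunk lines and continues outside the hunk.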
@@ -133,7 +133,7 b' class BaseIPythonApplication(Application):'
133 config_file_paths = List(Unicode())
133 config_file_paths = List(Unicode())
134 @default('config_file_paths')
134 @default('config_file_paths')
135 def _config_file_paths_default(self):
135 def _config_file_paths_default(self):
136 return [os.getcwd()]
136 return []
137
137
138 extra_config_file = Unicode(
138 extra_config_file = Unicode(
139 help="""Path to an extra config file to load.
139 help="""Path to an extra config file to load.
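Review bot: `_config_file_paths_default` now returns `[]` on line 136 with nothing in the code explaining why, and the trait's `help` text is outside the hunk, so a future maintainer could re-add `os.getcwd()` as a convenience and silently reintroduce the issue. Add a why-comment above the return, e.g. `# Deliberately empty: loading config from os.getcwd() let an attacker-controlled directory run code at startup (CVE-2022-21699).` The `extra_config_file` trait that starts on line 138 continues outside the hunk.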
@@ -181,9 +181,10 b' class ProfileList(Application):'
181 profiles = list_profiles_in(os.getcwd())
181 profiles = list_profiles_in(os.getcwd())
182 if profiles:
182 if profiles:
183 print()
183 print()
184 print("Available profiles in current directory (%s):" % os.getcwd())
184 print(
185 self._print_profiles(profiles)
185 "Profiles from CWD have been removed for security reason, see CVE-2022-21699:"
186
186 )
187
187 print()
188 print()
188 print("To use any of the above profiles, start IPython with:")
189 print("To use any of the above profiles, start IPython with:")
189 print(" ipython --profile=<name>")
190 print(" ipython --profile=<name>")
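Review bot: After the new message on lines 184-186, the unchanged lines 189-190 still print `To use any of the above profiles, start IPython with: ipython --profile=<name>`, but no profile names are printed any more, and — going by the `ProfileDir` change further down this commit — `--profile=<name>` presumably now resolves only under `ipython_dir`, so a user whose profile lives in the CWD is pointed at an option that will not find it. Either stop calling `list_profiles_in(os.getcwd())` altogether or give the explicit option, e.g. `print("To use a profile from the current directory, start IPython with:")` / `print("    ipython --profile-dir=<path>")`. The enclosing method begins before the hunk, so whether the `ipython_dir` listing shares those trailing lines is not visible here; if it does, keep the generic message for that branch.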
@@ -186,7 +186,7 b' class ProfileDir(LoggingConfigurable):'
186 is not found, a :class:`ProfileDirError` exception will be raised.
186 is not found, a :class:`ProfileDirError` exception will be raised.
187
187
188 The search path algorithm is:
188 The search path algorithm is:
189 1. ``os.getcwd()``
189 1. ``os.getcwd()`` # removed for security reason.
190 2. ``ipython_dir``
190 2. ``ipython_dir``
191
191
192 Parameters
192 Parameters
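Review bot: The docstring on lines 188-190 now describes a two-step search whose step 1 is annotated as removed, which reads as a list of what does not happen rather than of what does. Rewrite it to document the algorithm that actually runs — `The search path algorithm is:` / `1. ``ipython_dir``` — and put the rationale in a sentence after the list, e.g. `The current working directory is intentionally not searched (CVE-2022-21699).` This docstring belongs to a method whose signature and body lie outside the hunk.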
@@ -198,7 +198,7 b' class ProfileDir(LoggingConfigurable):'
198 will be "profile_<profile>".
198 will be "profile_<profile>".
199 """
199 """
200 dirname = u'profile_' + name
200 dirname = u'profile_' + name
201 paths = [os.getcwd(), ipython_dir]
201 paths = [ipython_dir]
202 for p in paths:
202 for p in paths:
203 profile_dir = os.path.join(p, dirname)
203 profile_dir = os.path.join(p, dirname)
204 if os.path.isdir(profile_dir):
204 if os.path.isdir(profile_dir):
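Review bot: With `paths = [ipython_dir]` on line 201, the `for p in paths` loop on line 202 iterates a single element, so both the list and the loop are vestigial and the list is exactly where someone might later append `os.getcwd()` again. If the loop is kept for future extension, record why it is a singleton with `paths = [ipython_dir]  # CWD intentionally excluded (CVE-2022-21699)`; otherwise `profile_dir = os.path.join(ipython_dir, dirname)` followed by the existing `isdir` check reads more directly, though the loop body and whatever follows it run outside the hunk and would need adjusting together. The enclosing method starts and ends outside the hunk.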
@@ -2,6 +2,13 b''
2 7.x Series
2 7.x Series
3 ============
3 ============
4
4
5 .. _version 7.31.1:
6
7 IPython 7.31.1 (CVE-2022-21699)
8 ===============================
9
10 Fixed CVE-2022-21699, see IPython 8.0.1 release notes for informations.
11
5
12
6 .. _version 7.31:
13 .. _version 7.31:
7
14