Fix CVE-2023-24816 by removing legacy code....
Fix CVE-2023-24816 by removing legacy code. Remove legacy code that might trigger a CVE. Currently set_term_title is only called with (semi-)trusted input that contains the current working directory of the current IPython session. If an attacker can control directory names and manages to get a user to cd into such a directory, the attacker can execute arbitrary commands contained in the folder name. Example: - On a Windows machine where Python is built without _ctypes, create a folder called `&& echo "pwn" > pwn.txt`. This can be done, for example, by cloning a git repository. - Call toggled_set_term_title(True) (or have the preference set to true). - Open IPython and cd into this directory. - The folder now contains a pwn.txt, with pwn as content, despite the user not asking for any code execution. Workaround: Set the configuration option c.TerminalInteractiveShell.term_title_format='IPython' (or to any other fixed, safe string).

File last commit:

r27081:5e3d218f
r28089:991849c2
test_shellapp.py
# -*- coding: utf-8 -*-
"""Tests for shellapp module.
Authors
-------
* Bradley Froehle
"""
#-----------------------------------------------------------------------------
# Copyright (C) 2012 The IPython Development Team
#
# Distributed under the terms of the BSD License. The full license is in
# the file COPYING, distributed as part of this software.
#-----------------------------------------------------------------------------
#-----------------------------------------------------------------------------
# Imports
#-----------------------------------------------------------------------------
import unittest
from IPython.testing import decorators as dec
from IPython.testing import tools as tt
class TestFileToRun(tt.TempFileMixin, unittest.TestCase):
    """Check how `__file__` behaves for a script passed as the file to run.

    Every test writes a small temporary script with ``self.mktmp`` and then
    reads ``self.fname`` to hand that script to one of the ``tt.ipexec*``
    helpers.
    """

    def test_py_script_file_attribute(self):
        """`ipython file.py` should make `__file__` available to the script."""
        self.mktmp("print(__file__)\n")
        # self.fname is passed twice: first as the script to run, then as what
        # appears to be the expected output (confirm against the signature of
        # tt.ipexec_validate). The third positional argument stays None.
        tt.ipexec_validate(self.fname, self.fname, None)

    def test_ipy_script_file_attribute(self):
        """`ipython file.ipy` should make `__file__` available to the script."""
        self.mktmp("print(__file__)\n", ext='.ipy')
        # Same call shape as the .py case; only the temp file extension differs.
        tt.ipexec_validate(self.fname, self.fname, None)

    # The commands option to ipexec_validate doesn't work on Windows, and it
    # doesn't seem worth fixing
    @dec.skip_win32
    def test_py_script_file_attribute_interactively(self):
        """After `ipython -i file.py`, `__file__` should no longer be set."""
        self.mktmp("True\n")
        cli_options = ["-i"]
        # Commands handed to tt.ipexec alongside the -i option: probe
        # globals() for "__file__", print a marker, then exit.
        session_commands = ['"__file__" in globals()', "print(123)", "exit()"]
        stdout, stderr = tt.ipexec(
            self.fname,
            options=cli_options,
            commands=session_commands,
        )
        # The membership probe must have produced False; on failure, show the
        # captured stderr to help diagnose the run.
        assert "False" in stdout, f"Subprocess stderr:\n{stderr}\n-----"