Fix CVE-2023-24816 by removing legacy code.

Remove legacy code that might trigger a CVE. Currently set_term_title is only called with (semi-)trusted input that contains the current working directory of the current IPython session. If an attacker can control directory names, and manages to get a user to cd into this directory, the attacker can execute arbitrary commands contained in the folder names.

Example:

- On a Windows machine where Python is built without _ctypes, create a folder called && echo "pwn" > pwn.txt. This can be done by, for example, cloning a git repository.
- Call toggled_set_term_title(True) (or have the preference set to true).
- Open IPython and cd into this directory.
- The folder now contains a pwn.txt with pwn as content, despite the user not asking for any code execution.

Workaround: Set the configuration option c.TerminalInteractiveShell.term_title_format='IPython' (or to any other fixed, safe string).
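The safe title-setting path the commit message implies, as an added example that is not IPython's own code: the title is built from the configured format, control characters are stripped, and the result is written to the terminal as an OSC escape rather than handed to a shell; when no safe API exists (the Windows-without-_ctypes case) the title is skipped instead. The `{cwd}` placeholder, the default format string and all function names are assumptions.

```python
import io
import re
import sys

# Assumed to mirror IPython's term_title_format and its {cwd} placeholder;
# a fixed string such as "IPython" is the workaround the commit message gives.
DEFAULT_TERM_TITLE_FORMAT = "IPython: {cwd}"

# The title travels inside an OSC escape sequence, so drop C0/C1 control
# characters (ESC, BEL, ...) from it: a crafted cwd must not be able to end
# the sequence early and inject further escapes into the terminal.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f-\x9f]")


def render_term_title(cwd: str, fmt: str = DEFAULT_TERM_TITLE_FORMAT) -> str:
    """Substitute cwd into the format string and strip control characters."""
    return _CONTROL_CHARS.sub("", fmt.format(cwd=cwd))


def term_title_sequence(title: str) -> bytes:
    """OSC 0 ; title BEL, the xterm title escape; the title stays plain data."""
    return b"\x1b]0;" + title.encode("utf-8", "replace") + b"\x07"


def set_term_title(cwd: str, fmt: str = DEFAULT_TERM_TITLE_FORMAT,
                   out=None, safe_api_available: bool = True):
    """Emit the title escape directly to the terminal, never through a shell.

    safe_api_available=False models the page's Windows-without-_ctypes case:
    the fixed behaviour is to skip the title instead of falling back to a
    shell command built from cwd. Returns the bytes written, or None if skipped.
    """
    if not safe_api_available:
        return None
    seq = term_title_sequence(render_term_title(cwd, fmt))
    stream = out if out is not None else sys.stdout.buffer
    stream.write(seq)
    stream.flush()
    return seq


if __name__ == "__main__":
    # Constructed directory name taken from the commit message's example.
    hostile_cwd = '&& echo "pwn" > pwn.txt'
    buf = io.BytesIO()
    set_term_title(hostile_cwd, out=buf)
    print(buf.getvalue())  # the name is title text only; nothing is executed
```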

File last commit:

r27843:667f3cbe
r28089:991849c2
asyncio.py
62 lines | 1.8 KiB | text/x-python | PythonLexer
"""
Inputhook for running the original asyncio event loop while we're waiting for
input.
By default, in IPython, we run the prompt with a different asyncio event loop,
because otherwise we risk that people are freezing the prompt by scheduling bad
coroutines. E.g., a coroutine that does a while/true and never yield back
control to the loop. We can't cancel that.
However, sometimes we want the asyncio loop to keep running while waiting for
a prompt.
The following example will print the numbers from 1 to 10 above the prompt,
while we are waiting for input. (This works also because we use
prompt_toolkit`s `patch_stdout`)::
In [1]: import asyncio
In [2]: %gui asyncio
In [3]: async def f():
...: for i in range(10):
...: await asyncio.sleep(1)
...: print(i)
In [4]: asyncio.ensure_future(f())
"""
from prompt_toolkit import __version__ as ptk_version
from IPython.core.async_helpers import get_asyncio_loop
PTK3 = ptk_version.startswith("3.")
def inputhook(context):
"""
Inputhook for asyncio event loop integration.
"""
# For prompt_toolkit 3.0, this input hook literally doesn't do anything.
# The event loop integration here is implemented in `interactiveshell.py`
# by running the prompt itself in the current asyncio loop. The main reason
# for this is that nesting asyncio event loops is unreliable.
if PTK3:
return
# For prompt_toolkit 2.0, we can run the current asyncio event loop,
# because prompt_toolkit 2.0 uses a different event loop internally.
# get the persistent asyncio event loop
loop = get_asyncio_loop()
def stop():
loop.stop()
fileno = context.fileno()
loop.add_reader(fileno, stop)
try:
loop.run_forever()
finally:
loop.remove_reader(fileno)