Fix CVE-2023-24816 by removing legacy code. Remove legacy code that might trigger a CVE. Currently set_term_title is only called with (semi-)trusted input that contains the current working directory of the current IPython session. If an attacker can control directory names, and manages to get a user to cd into this directory, the attacker can execute arbitrary commands contained in the folder names.

Example:

- On a Windows machine where Python is built without _ctypes, create a folder called && echo "pwn" > pwn.txt. This can be done by, for example, cloning a git repository.
- Call toggled_set_term_title(True) (or have the preference set to true).
- Open IPython and cd into this directory.
- The folder now contains a pwn.txt, with pwn as content, despite the user not asking for any code execution.

Workaround: Set the configuration option c.TerminalInteractiveShell.term_title_format='IPython' (or to any other fixed, safe string).
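The commit message describes the hazard in general terms: a directory name flows into a terminal-title routine that hands it to a shell. The following is an added illustration, not code from this commit or from IPython; the function names, the constructed directory name and the assumption that the legacy path built a shell command line from the title string are all hypothetical. It contrasts that pattern with two mitigations that need no shell at all: writing the title as a terminal escape sequence with control characters stripped, and the fixed term_title_format the workaround recommends, plus a small check a defender can use to flag directory names that would alter a shell command.

```python
# Constructed example directory name containing shell metacharacters,
# the shape the commit message describes (a folder named "&& <command>").
UNTRUSTED_DIR = 'project && echo "pwn" > pwn.txt'

# Characters that change the meaning of a command line on cmd.exe or sh.
SHELL_METACHARS = '&|;<>`$()\n\r'


def title_via_shell_unsafe(title: str) -> str:
    """Hypothetical legacy pattern: build a shell command line from the title.

    Returns the command string instead of executing it so the hazard can be
    inspected: anything after "&&" in `title` would become a second command
    if this string were passed to a shell.
    """
    return "title " + title


def title_via_escape_sequence(title: str) -> str:
    """Hardened approach: emit the xterm OSC 0 title sequence directly.

    No shell is involved, so shell metacharacters are inert. Non-printable
    characters (including ESC, BEL, newlines) are stripped so the title cannot
    terminate the sequence early or smuggle in a further escape sequence.
    """
    clean = "".join(ch for ch in title if ch.isprintable())
    return f"\x1b]0;{clean}\x07"


def title_from_fixed_format(fmt: str, cwd: str) -> str:
    """Mirror of the documented workaround: a format with no {cwd} placeholder
    never embeds the directory name, whatever it contains."""
    return fmt.format(cwd=cwd)


def contains_shell_metachars(s: str) -> bool:
    """Detection helper: True if `s` would alter a shell command it is
    concatenated into. Useful as a guard before any title-setting path
    that cannot avoid a shell."""
    return any(ch in s for ch in SHELL_METACHARS)


if __name__ == "__main__":
    print("unsafe command line :", repr(title_via_shell_unsafe(UNTRUSTED_DIR)))
    print("escape sequence     :", repr(title_via_escape_sequence(UNTRUSTED_DIR)))
    print("fixed format        :", repr(title_from_fixed_format("IPython", UNTRUSTED_DIR)))
    print("metachars present   :", contains_shell_metachars(UNTRUSTED_DIR))
```

The escape-sequence route is what a terminal actually consumes; the shell-based variant only ever existed as a fallback for environments without a direct console API, which is why removing it (as this commit does) or pinning the format string closes the issue without loss of function.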

File last commit:

r27235:3b816f80
r28089:991849c2
test_refs.py
39 lines | 715 B | text/x-python | PythonLexer
"""Some simple tests for the plugin while running scripts.
"""

# Module imports
# Std lib
import inspect

# Our own

#-----------------------------------------------------------------------------
# Testing functions

def test_trivial():
    """A trivial passing test."""
    pass


def doctest_run():
    """Test running a trivial script.

    In [13]: run simplevars.py
    x is: 1
    """


def doctest_runvars():
    """Test that variables defined in scripts get loaded correctly via %run.

    In [13]: run simplevars.py
    x is: 1

    In [14]: x
    Out[14]: 1
    """


def doctest_ivars():
    """Test that variables defined interactively are picked up.

    In [5]: zz=1

    In [6]: zz
    Out[6]: 1
    """