[device/dell] Mitigation for security vulnerability

[maipbui]

Signed-off-by: maipbui [email protected]

Dependency: PR (#12065) needs to merge first.

Why I did it

commands module is not protected against malicious input
getstatusoutput is detected without a static string, uses shell=True

How I did it

Eliminate the use of commands
Use subprocess.run(), commands in subprorcess.run() are totally static
Fix indentation

How to verify it

Tested on DUT
dell_log.txt

Which release branch to backport (provide reason below if selected)

• 201811
• 201911
• 202006
• 202012
• 202106
• 202111
• 202205

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

[lgtm-com]

This pull request introduces 6 alerts and fixes 1 when merging a1bd8ec into 1e75abc - view on LGTM.com

new alerts:

• 4 for Variable defined multiple times
• 2 for Syntax error

fixed alerts:

• 1 for Variable defined multiple times

[lgtm-com]

This pull request introduces 6 alerts and fixes 7 when merging cd61bca into a8b2a53 - view on LGTM.com

new alerts:

• 6 for Variable defined multiple times

fixed alerts:

• 3 for Unused import
• 2 for Unused local variable
• 2 for Variable defined multiple times

[lgtm-com]

This pull request introduces 2 alerts and fixes 12 when merging 017f143 into 38cc35f - view on LGTM.com

new alerts:

• 2 for Variable defined multiple times

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[lgtm-com]

This pull request introduces 1 alert and fixes 12 when merging 8593247 into 7d1b99a - view on LGTM.com

new alerts:

• 1 for Variable defined multiple times

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[lgtm-com]

This pull request introduces 1 alert and fixes 12 when merging 7f54f67 into 7d1b99a - view on LGTM.com

new alerts:

• 1 for Variable defined multiple times

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[lgtm-com]

This pull request introduces 1 alert and fixes 12 when merging f74eda9 into 5650762 - view on LGTM.com

new alerts:

• 1 for Variable defined multiple times

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[qiluo-msft]

There are multiple ways to fail the block, for example, could not open file, or write failure. #Closed

[qiluo-msft]

write

The same. #Closed

[lgtm-com]

This pull request introduces 1 alert and fixes 12 when merging f320820 into 1effff9 - view on LGTM.com

new alerts:

• 1 for Variable defined multiple times

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[qiluo-msft]

status = 1

lgtm said "This assignment to 'status' is unnecessary as it is redefined here before this value is used." #Closed

[lgtm-com]

This pull request fixes 12 alerts when merging 43934a5 into 1f0699f - view on LGTM.com

fixed alerts:

• 6 for Unused local variable
• 4 for Unused import
• 2 for Variable defined multiple times

[maipbui]

@srideepDell @santhosh-kt @thaj-deen @arunlk-dell Could you help review and verify?

[maipbui]

/azp run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[srideepDell]

changes looks good and also from the log.