[sonic-config-engine] Replace os.system, replace yaml.load, remove subprocess with shell=True#12533
Merged
maipbui merged 5 commits intosonic-net:masterfrom Oct 31, 2022
Merged
Conversation
Signed-off-by: maipbui <[email protected]>
qiluo-msft
reviewed
Oct 28, 2022
| self.yang_parser.loadYangModel() | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
There was a problem hiding this comment.
Suggested change
| self.script_file = [PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] | |
| self.script_file = [PYTHON_INTERPRETTER, os.path.join(self.test_dir, '..', 'sonic-cfggen')] | |
| ``` #Closed |
qiluo-msft
reviewed
Oct 28, 2022
| args, unknown = parser.parse_known_args(shlex.split(argument)) | ||
| parser.add_argument("-o", "--output-file", help="Output file", nargs='?', const=None) | ||
| args, unknown = parser.parse_known_args(argument) | ||
| print(args) |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| parser.add_argument("-S", "--hwsku-config", help="hwsku config file, used with -p and -m or -k", nargs='?', const=None) | ||
| parser.add_argument("-j", "--json", help="additional json file input, used with -p, -S and -m or -k", nargs='?', const=None) | ||
| args, unknown = parser.parse_known_args(shlex.split(argument)) | ||
| parser.add_argument("-o", "--output-file", help="Output file", nargs='?', const=None) |
Collaborator
Contributor
Author
There was a problem hiding this comment.
Because there're some commands that have output redirection.
Original command:
Changed command
Implementation of new behavior:
https://github.com/sonic-net/sonic-buildimage/blob/ce3e0759543cd00a5a515b31ffb3e87de48c2e76/src/sonic-config-engine/tests/test_j2files.py#L46-#L59
Collaborator
There was a problem hiding this comment.
I prefer following subprocess functions, adding stdout=None, stderr=None to this function parameter list.
qiluo-msft
reviewed
Oct 28, 2022
| self.yang = utils.YangWrapper() | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
|
|
||
| def run_script(self, argument, check_stderr=False, verbose=False): | ||
| print('\n Running sonic-cfggen ' + argument) | ||
| print('\n Running sonic-cfggen ', argument) |
Collaborator
Contributor
Author
There was a problem hiding this comment.
No, but argument variable is a list, cannot be concatenated with string in the print statement.
Contributor
Author
There was a problem hiding this comment.
Updated to shlex.join
Collaborator
There was a problem hiding this comment.
I notice it is not available in python 3.7. Then + is good enough in test code.
qiluo-msft
reviewed
Oct 28, 2022
| def setUp(self): | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| def setUp(self): | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| self.t2_chassis_fe_port_config = os.path.join(self.test_dir, 't2-chassis-fe-port-config.ini') | ||
|
|
||
| def run_script(self, argument, check_stderr=False): | ||
| print('\n Running sonic-cfggen ' + argument) |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| def setUp(self): | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| def run_script(self, argument): | ||
| print('CMD: sonic-cfggen ' + argument) | ||
| output = subprocess.check_output(self.script_file + ' ' + argument, shell=True) | ||
| print('CMD: sonic-cfggen ', argument) |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| self.yang = utils.YangWrapper() | ||
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| self.port_config = os.path.join(self.test_dir, 't0-sample-port-config.ini') | ||
|
|
||
| def run_script(self, argument, check_stderr=False): | ||
| print('\n Running sonic-cfggen ' + argument) |
qiluo-msft
reviewed
Oct 28, 2022
| self.test_dir = os.path.dirname(os.path.realpath(__file__)) | ||
| self.test_data_dir = os.path.join(self.test_dir, 'multi_npu_data') | ||
| self.script_file = utils.PYTHON_INTERPRETTER + ' ' + os.path.join(self.test_dir, '..', 'sonic-cfggen') | ||
| self.script_file = [utils.PYTHON_INTERPRETTER] + [os.path.join(self.test_dir, '..', 'sonic-cfggen')] |
Collaborator
qiluo-msft
reviewed
Oct 28, 2022
| os.environ["CFGGEN_UNIT_TESTING"] = "2" | ||
|
|
||
| def run_script(self, argument, check_stderr=False): | ||
| print('\n Running sonic-cfggen ' + argument) |
Signed-off-by: maipbui <[email protected]>
Signed-off-by: maipbui <[email protected]>
ganglyu
reviewed
Oct 29, 2022
| write_output = False | ||
| if '-o' in argument: | ||
| write_output = True | ||
| output_file = argument[-1] |
Contributor
There was a problem hiding this comment.
How to guarantee '-o' is the last argument?
Contributor
Author
There was a problem hiding this comment.
I changed to different solution.
ganglyu
reviewed
Oct 29, 2022
| os.system(echo_cmd) | ||
| subprocess.call(['sudo', 'mkdir', '/host']) | ||
| subprocess.call(['sudo', 'touch', '/host/machine.conf']) | ||
| getstatusoutput_noshell_pipe(echo_cmd1, echo_cmd2) |
Contributor
There was a problem hiding this comment.
Can you explain these commands?
ganglyu
reviewed
Oct 29, 2022
| def remove_machine_conf(self, file_exist, dir_exist): | ||
| if not file_exist: | ||
| os.system('sudo rm -f /host/machine.conf') | ||
| subprocess.call(['sudo', 'rm', '-f', '/host/machine.conf']) |
Contributor
There was a problem hiding this comment.
there's no user input in 'sudo rm -f /host/machine.conf', why is it a risk?
Contributor
Author
There was a problem hiding this comment.
It's better for extra security when using subprocess and with array of strings. https://semgrep.dev/docs/cheat-sheets/python-command-injection/#1c-using-os-module-to-execute-commands
Signed-off-by: maipbui <[email protected]>
Signed-off-by: maipbui <[email protected]>
ganglyu
approved these changes
Oct 29, 2022
qiluo-msft
approved these changes
Oct 31, 2022
maipbui
changed the title
maipbui
added a commit
to maipbui/sonic-buildimage
that referenced
this pull request
Nov 7, 2022
….load, remove subprocess with shell=True (sonic-net#12533)" (sonic-net#12616)" This reverts commit 661c467.
maipbui
added a commit
that referenced
this pull request
Nov 17, 2022
…ubprocess with shell=True (#12607) Signed-off-by: maipbui <[email protected]> #### Why I did it Missing import statement in PR #12533 #### How I did it Revert [PR 12646](#12616) Add import statement 1. https://github.com/sonic-net/sonic-buildimage/blob/31f7afa92e8d1e353ef2f3b004711dd18c0d94f6/src/sonic-config-engine/tests/test_j2files_t2_chassis_fe.py#L8 2. https://github.com/sonic-net/sonic-buildimage/blob/31f7afa92e8d1e353ef2f3b004711dd18c0d94f6/src/sonic-config-engine/tests/test_j2files.py#L8 3. https://github.com/sonic-net/sonic-buildimage/blob/31f7afa92e8d1e353ef2f3b004711dd18c0d94f6/src/sonic-config-engine/tests/test_multinpu_cfggen.py#L11 #### How to verify it Pass UT
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Signed-off-by: maipbui [email protected]
Why I did it
subprocessis used withshell=True, which is very dangerous for shell injection.os- not secure against maliciously constructed input and dangerous if used to evaluate dynamic contentyaml.loadcan create arbitrary Python objectsHow I did it
Replace
osbysubprocess, removeshell=TrueUse
yaml.safe_load()How to verify it
Pass UT
Which release branch to backport (provide reason below if selected)
Description for the changelog
Ensure to add label/tag for the feature raised. example - PR#2174 under sonic-utilities repo. where, Generic Config and Update feature has been labelled as GCU.
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)