Changeset View
Changeset View
Standalone View
Standalone View
head/sysutils/ansible/files/extra-patch-eb8c26c
| Property | Old Value | New Value |
|---|---|---|
| fbsd:nokeywords | null | yes \ No newline at end of property |
| svn:eol-style | null | native \ No newline at end of property |
| svn:mime-type | null | text/plain \ No newline at end of property |
| From eb8c26c105e8457b86324b64a13fac37d8862d47 Mon Sep 17 00:00:00 2001 | |||||
| From: Computest <anon@@computest.nl> | |||||
| Date: Tue, 10 Jan 2017 16:51:40 -0600 | |||||
| Subject: [PATCH] Fixing another corner case for security related to | |||||
| CVE-2016-9587 | |||||
| (cherry picked from commit bcceada5d9b78ad77069c78226f8e9b336ff8949) | |||||
| --- | |||||
| lib/ansible/template/__init__.py | 6 +++--- | |||||
| lib/ansible/vars/unsafe_proxy.py | 8 ++++++-- | |||||
| 2 files changed, 9 insertions(+), 5 deletions(-) | |||||
| diff --git lib/ansible/template/__init__.py lib/ansible/template/__init__.py | |||||
| index 4e24fbe..53b2675 100644 | |||||
| --- lib/ansible/template/__init__.py | |||||
| +++ lib/ansible/template/__init__.py | |||||
| @@ -155,7 +155,7 @@ def _is_unsafe(self, val): | |||||
| ''' | |||||
| if isinstance(val, dict): | |||||
| for key in val.keys(): | |||||
| - if self._is_unsafe(val[key]): | |||||
| + if self._is_unsafe(key) or self._is_unsafe(val[key]): | |||||
| return True | |||||
| elif isinstance(val, list): | |||||
| for item in val: | |||||
| @@ -392,11 +392,11 @@ def template(self, variable, convert_bare=False, preserve_trailing_newlines=True | |||||
| fail_on_undefined=fail_on_undefined, | |||||
| overrides=overrides, | |||||
| ) | |||||
| - if convert_data and not self._no_type_regex.match(variable): | |||||
| + unsafe = hasattr(result, '__UNSAFE__') | |||||
| + if convert_data and not self._no_type_regex.match(variable) and not unsafe: | |||||
| # if this looks like a dictionary or list, convert it to such using the safe_eval method | |||||
| if (result.startswith("{") and not result.startswith(self.environment.variable_start_string)) or \ | |||||
| result.startswith("[") or result in ("True", "False"): | |||||
| - unsafe = hasattr(result, '__UNSAFE__') | |||||
| eval_results = safe_eval(result, locals=self._available_variables, include_exceptions=True) | |||||
| if eval_results[1] is None: | |||||
| result = eval_results[0] | |||||
| diff --git lib/ansible/vars/unsafe_proxy.py lib/ansible/vars/unsafe_proxy.py | |||||
| index 426410a..4284705 100644 | |||||
| --- lib/ansible/vars/unsafe_proxy.py | |||||
| +++ lib/ansible/vars/unsafe_proxy.py | |||||
| @@ -98,10 +98,14 @@ def decode(self, obj): | |||||
| def _wrap_dict(v): | |||||
| + # Create new dict to get rid of the keys that are not wrapped. | |||||
| + new = {} | |||||
| for k in v.keys(): | |||||
| if v[k] is not None: | |||||
| - v[wrap_var(k)] = wrap_var(v[k]) | |||||
| - return v | |||||
| + new[wrap_var(k)] = wrap_var(v[k]) | |||||
| + else: | |||||
| + new[wrap_var(k)] = None | |||||
| + return new | |||||
| def _wrap_list(v): | |||||