Changeset View
Changeset View
Standalone View
Standalone View
head/sysutils/ansible/files/extra-patch-eb8c26c
Property | Old Value | New Value |
---|---|---|
fbsd:nokeywords | null | yes \ No newline at end of property |
svn:eol-style | null | native \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
From eb8c26c105e8457b86324b64a13fac37d8862d47 Mon Sep 17 00:00:00 2001 | |||||
From: Computest <anon@@computest.nl> | |||||
Date: Tue, 10 Jan 2017 16:51:40 -0600 | |||||
Subject: [PATCH] Fixing another corner case for security related to | |||||
CVE-2016-9587 | |||||
(cherry picked from commit bcceada5d9b78ad77069c78226f8e9b336ff8949) | |||||
--- | |||||
lib/ansible/template/__init__.py | 6 +++--- | |||||
lib/ansible/vars/unsafe_proxy.py | 8 ++++++-- | |||||
2 files changed, 9 insertions(+), 5 deletions(-) | |||||
diff --git lib/ansible/template/__init__.py lib/ansible/template/__init__.py | |||||
index 4e24fbe..53b2675 100644 | |||||
--- lib/ansible/template/__init__.py | |||||
+++ lib/ansible/template/__init__.py | |||||
@@ -155,7 +155,7 @@ def _is_unsafe(self, val): | |||||
''' | |||||
if isinstance(val, dict): | |||||
for key in val.keys(): | |||||
- if self._is_unsafe(val[key]): | |||||
+ if self._is_unsafe(key) or self._is_unsafe(val[key]): | |||||
return True | |||||
elif isinstance(val, list): | |||||
for item in val: | |||||
@@ -392,11 +392,11 @@ def template(self, variable, convert_bare=False, preserve_trailing_newlines=True | |||||
fail_on_undefined=fail_on_undefined, | |||||
overrides=overrides, | |||||
) | |||||
- if convert_data and not self._no_type_regex.match(variable): | |||||
+ unsafe = hasattr(result, '__UNSAFE__') | |||||
+ if convert_data and not self._no_type_regex.match(variable) and not unsafe: | |||||
# if this looks like a dictionary or list, convert it to such using the safe_eval method | |||||
if (result.startswith("{") and not result.startswith(self.environment.variable_start_string)) or \ | |||||
result.startswith("[") or result in ("True", "False"): | |||||
- unsafe = hasattr(result, '__UNSAFE__') | |||||
eval_results = safe_eval(result, locals=self._available_variables, include_exceptions=True) | |||||
if eval_results[1] is None: | |||||
result = eval_results[0] | |||||
diff --git lib/ansible/vars/unsafe_proxy.py lib/ansible/vars/unsafe_proxy.py | |||||
index 426410a..4284705 100644 | |||||
--- lib/ansible/vars/unsafe_proxy.py | |||||
+++ lib/ansible/vars/unsafe_proxy.py | |||||
@@ -98,10 +98,14 @@ def decode(self, obj): | |||||
def _wrap_dict(v): | |||||
+ # Create new dict to get rid of the keys that are not wrapped. | |||||
+ new = {} | |||||
for k in v.keys(): | |||||
if v[k] is not None: | |||||
- v[wrap_var(k)] = wrap_var(v[k]) | |||||
- return v | |||||
+ new[wrap_var(k)] = wrap_var(v[k]) | |||||
+ else: | |||||
+ new[wrap_var(k)] = None | |||||
+ return new | |||||
def _wrap_list(v): |