[tor-commits] [ooni-probe/master] Fix vulnerability that allowed arbitrary files specified in decks to be executed.

art at torproject.org art at torproject.org
Wed Apr 30 17:30:23 UTC 2014


commit 572e68a859f3241ca257f940c415d22a81bf45d0
Author: Arturo Filastò <art at fuffa.org>
Date:   Tue Apr 22 21:44:23 2014 +0200

    Fix vulnerability that allowed arbitrary files specified in decks to be executed.
---
 ooni/deck.py    |   15 ++++++++++-----
 ooni/oonicli.py |    2 +-
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/ooni/deck.py b/ooni/deck.py
index cfd5d73..8a26d0c 100644
--- a/ooni/deck.py
+++ b/ooni/deck.py
@@ -6,6 +6,7 @@ from ooni.settings import config
 from ooni.utils import log
 from ooni import errors as e
 
+from twisted.python.filepath import FilePath
 from twisted.internet import reactor, defer
 
 import os
@@ -65,19 +66,23 @@ class InputFile(object):
             file_hash = sha256(f.read())
             assert file_hash.hexdigest() == digest
 
-def nettest_to_path(path):
+def nettest_to_path(path, allow_arbitrary_paths=False):
     """
     Takes as input either a path or a nettest name.
     
+    Args:
+
+        allow_arbitrary_paths:
+            allow also paths that are not relative to the nettest_directory.
+
     Returns:
 
         full path to the nettest file.
     """
-    path_via_name = os.path.join(config.nettest_directory, path + '.py')
-    if os.path.exists(path):
+    if allow_arbitrary_paths and os.path.exists(path):
         return path
-    elif os.path.exists(path_via_name):
-        return path_via_name
+    elif FilePath(config.nettest_directory).preauthChild(path + '.py').exists():
+        return os.path.join(config.nettest_directory, path + '.py')
     else:
         raise e.NetTestNotFound(path)
 
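Review bot: `preauthChild` raises `InsecurePath` when `path + '.py'` resolves outside `config.nettest_directory`, so a deck entry containing `..` or an absolute path leaves `nettest_to_path` with that exception instead of the `e.NetTestNotFound` raised by the final `else` branch; callers that handle only `NetTestNotFound` would presumably not catch it. The returned value is also rebuilt with `os.path.join` rather than taken from the `FilePath` that was checked, so the validated path and the returned path are two separately computed strings. I would catch `InsecurePath` (it has to be imported next to `FilePath`), map it to `NetTestNotFound`, and return the checked object's `.path`. As far as I know `preauthChild` normalises the path but does not resolve symlinks, so a comment saying the check is lexical would help the next reader.

```python
def nettest_to_path(path, allow_arbitrary_paths=False):
    # … unchanged: docstring …
    if allow_arbitrary_paths and os.path.exists(path):
        return path
    try:
        nettest = FilePath(config.nettest_directory).preauthChild(path + '.py')
    except InsecurePath:
        # Name resolves outside nettest_directory: report it as unknown.
        raise e.NetTestNotFound(path)
    if nettest.exists():
        return nettest.path
    raise e.NetTestNotFound(path)
```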
diff --git a/ooni/oonicli.py b/ooni/oonicli.py
index 5c3c0ce..9d50e44 100644
--- a/ooni/oonicli.py
+++ b/ooni/oonicli.py
@@ -152,7 +152,7 @@ def runWithDirector(logging=True, start_tor=True):
             deck.loadDeck(global_options['testdeck'])
         else:
             log.debug("No test deck detected")
-            test_file = nettest_to_path(global_options['test_file'])
+            test_file = nettest_to_path(global_options['test_file'], True)
             net_test_loader = NetTestLoader(global_options['subargs'],
                     test_file=test_file)
             deck.insert(net_test_loader)
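Review bot: The bare positional `True` in the `nettest_to_path` call hides that this call site opts out of the nettest-directory restriction; spelling it as `test_file = nettest_to_path(global_options['test_file'], allow_arbitrary_paths=True)` keeps the trust decision visible to anyone auditing callers. A short comment such as `# test_file comes from the operator's command line, not from a deck` would record why the opt-out is acceptable here, assuming that is the intent. `runWithDirector` starts and ends outside this hunk, so whether other code paths reach this branch cannot be checked from here.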




