diff options
| author | Jenkins <jenkins@review.openstack.org> | 2013-03-13 11:48:00 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2013-03-13 11:48:00 +0000 |
| commit | 44d2a4c02f0771f5b6614de9d50a9fde498a0a65 (patch) | |
| tree | d039188ef084780355c6538482e6450bef986911 /openstack | |
| parent | 7f9b28ad0e3e6b0b25a2643cc951db7695db4f36 (diff) | |
| parent | 40640215468b1fe7f7b17c299c658e94f82e7d70 (diff) | |
| download | oslo-44d2a4c02f0771f5b6614de9d50a9fde498a0a65.tar.gz oslo-44d2a4c02f0771f5b6614de9d50a9fde498a0a65.tar.xz oslo-44d2a4c02f0771f5b6614de9d50a9fde498a0a65.zip | |
Merge "Sanitize input before creating IPC socket."
Diffstat (limited to 'openstack')
| -rw-r--r-- | openstack/common/rpc/impl_zmq.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/openstack/common/rpc/impl_zmq.py b/openstack/common/rpc/impl_zmq.py index 7af9cd0..87f8d21 100644 --- a/openstack/common/rpc/impl_zmq.py +++ b/openstack/common/rpc/impl_zmq.py @@ -16,6 +16,7 @@ import os import pprint +import re import socket import sys import types @@ -431,6 +432,8 @@ class ZmqProxy(ZmqBaseReactor): def __init__(self, conf): super(ZmqProxy, self).__init__(conf) + pathsep = set((os.path.sep or '', os.path.altsep or '', '/', '\\')) + self.badchars = re.compile(r'[%s]' % re.escape(''.join(pathsep))) self.topic_proxy = {} @@ -456,6 +459,13 @@ class ZmqProxy(ZmqBaseReactor): LOG.info(_("Creating proxy for topic: %s"), topic) try: + # The topic is received over the network, + # don't trust this input. + if self.badchars.search(topic) is not None: + emsg = _("Topic contained dangerous characters.") + LOG.warn(emsg) + raise RPCException(emsg) + out_sock = ZmqSocket("ipc://%s/zmq_topic_%s" % (ipc_dir, topic), sock_type, bind=True) |