diff options
author | perky <perky@FreeBSD.org> | 2005-02-04 12:13:41 +0800 |
---|---|---|
committer | perky <perky@FreeBSD.org> | 2005-02-04 12:13:41 +0800 |
commit | dafaf3a5ed0bcedd625a6ff3260a607eb65fcce8 (patch) | |
tree | 972ca861e93b10de74d8dc2c2d68c79977d3e773 /lang/python24 | |
parent | ddf64505e18915cb58bd755d7e3f550edf1a4baa (diff) | |
download | freebsd-ports-gnome-dafaf3a5ed0bcedd625a6ff3260a607eb65fcce8.tar.gz freebsd-ports-gnome-dafaf3a5ed0bcedd625a6ff3260a607eb65fcce8.tar.zst freebsd-ports-gnome-dafaf3a5ed0bcedd625a6ff3260a607eb65fcce8.zip |
Add a patch from PSF-2005-001 which fixes SimpleXMLRPCServer
vulnerability.
PR: 77078
Submitted by: Marcus Grando <marcus@corp.grupos.com.br>
Security: CAN-2005-0089
Security: http://www.vuxml.org/freebsd/6afa87d3-764b-11d9-b0e7-0000e249a0a2.html
Security: SimpleXMLRPCServer.py allows unrestricted traversal
Diffstat (limited to 'lang/python24')
-rw-r--r-- | lang/python24/Makefile | 1 | ||||
-rw-r--r-- | lang/python24/files/patch-Lib::SimpleXMLRPCServer.py | 125 |
2 files changed, 126 insertions, 0 deletions
diff --git a/lang/python24/Makefile b/lang/python24/Makefile index 0fafbcb85066..8cbd19756eb4 100644 --- a/lang/python24/Makefile +++ b/lang/python24/Makefile @@ -7,6 +7,7 @@ PORTNAME= python PORTVERSION= 2.4 +PORTREVISION= 1 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python24/files/patch-Lib::SimpleXMLRPCServer.py b/lang/python24/files/patch-Lib::SimpleXMLRPCServer.py new file mode 100644 index 000000000000..54b8b4523f4e --- /dev/null +++ b/lang/python24/files/patch-Lib::SimpleXMLRPCServer.py @@ -0,0 +1,125 @@ +Index: Lib/SimpleXMLRPCServer.py +=================================================================== +RCS file: /cvsroot/python/python/dist/src/Lib/SimpleXMLRPCServer.py,v +retrieving revision 1.7.8.1 +diff -c -r1.7.8.1 SimpleXMLRPCServer.py +*** Lib/SimpleXMLRPCServer.py 3 Oct 2004 23:23:00 -0000 1.7.8.1 +--- Lib/SimpleXMLRPCServer.py 3 Feb 2005 05:33:55 -0000 +*************** +*** 107,120 **** + import types + import os + +! def resolve_dotted_attribute(obj, attr): + """resolve_dotted_attribute(a, 'b.c.d') => a.b.c.d + + Resolves a dotted attribute name to an object. Raises + an AttributeError if any attribute in the chain starts with a '_'. + """ + +! for i in attr.split('.'): + if i.startswith('_'): + raise AttributeError( + 'attempt to access private attribute "%s"' % i +--- 107,128 ---- + import types + import os + +! def resolve_dotted_attribute(obj, attr, allow_dotted_names=True): + """resolve_dotted_attribute(a, 'b.c.d') => a.b.c.d + + Resolves a dotted attribute name to an object. Raises + an AttributeError if any attribute in the chain starts with a '_'. ++ ++ If the optional allow_dotted_names argument is false, dots are not ++ supported and this function operates similar to getattr(obj, attr). + """ + +! if allow_dotted_names: +! attrs = attr.split('.') +! else: +! attrs = [attr] +! +! for i in attrs: + if i.startswith('_'): + raise AttributeError( + 'attempt to access private attribute "%s"' % i +*************** +*** 156,162 **** + self.funcs = {} + self.instance = None + +! def register_instance(self, instance): + """Registers an instance to respond to XML-RPC requests. + + Only one instance can be installed at a time. +--- 164,170 ---- + self.funcs = {} + self.instance = None + +! def register_instance(self, instance, allow_dotted_names=False): + """Registers an instance to respond to XML-RPC requests. + + Only one instance can be installed at a time. +*************** +*** 174,182 **** +--- 182,204 ---- + + If a registered function matches a XML-RPC request, then it + will be called instead of the registered instance. ++ ++ If the optional allow_dotted_names argument is true and the ++ instance does not have a _dispatch method, method names ++ containing dots are supported and resolved, as long as none of ++ the name segments start with an '_'. ++ ++ *** SECURITY WARNING: *** ++ ++ Enabling the allow_dotted_names options allows intruders ++ to access your module's global variables and may allow ++ intruders to execute arbitrary code on your machine. Only ++ use this option on a secure, closed network. ++ + """ + + self.instance = instance ++ self.allow_dotted_names = allow_dotted_names + + def register_function(self, function, name = None): + """Registers a function to respond to XML-RPC requests. +*************** +*** 295,301 **** + try: + method = resolve_dotted_attribute( + self.instance, +! method_name + ) + except AttributeError: + pass +--- 317,324 ---- + try: + method = resolve_dotted_attribute( + self.instance, +! method_name, +! self.allow_dotted_names + ) + except AttributeError: + pass +*************** +*** 374,380 **** + try: + func = resolve_dotted_attribute( + self.instance, +! method + ) + except AttributeError: + pass +--- 397,404 ---- + try: + func = resolve_dotted_attribute( + self.instance, +! method, +! self.allow_dotted_names + ) + except AttributeError: + pass |