/mandos/trunk : revision 1204

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

Committer: teddy at recompile
Date: 2020-02-08 14:01:38 UTC
Revision ID: teddy@recompile.se-20200208140138-h3ett0amdelfpt90

mandos: If possible, use shlex.quote() instead of re.escape()

* mandos: Make sure shlex.quote() exists (falling back to assigning
re.escape to it).
(Client.start_checker): Use shlex.quote() instead of re.escape().

files modified:
TODO

mandos

mandos.service

Show diffs side-by-side

added added

removed removed

mandos

import codecs

import unittest

import random

import shlex

import dbus

import dbus.service

__metaclass__ = type

str = unicode

# Add collections.abc.Callable if it does not exist

try:

100

collections.abc.Callable

101

except AttributeError:

102

class abc:

103

Callable = collections.Callable

104

collections.abc = abc

105

del abc

106

107

# Add shlex.quote if it does not exist

108

try:

109

shlex.quote

110

except AttributeError:

111

shlex.quote = re.escape

112

113

# Show warnings by default

114

if not sys.warnoptions:

115

import warnings

1118

1134

if self.checker is None:

1119

1135

# Escape attributes for the shell

1120

1136

escaped_attrs = {

1121

attr: re.escape(str(getattr(self, attr)))

1137

attr: shlex.quote(str(getattr(self, attr)))

1122

1138

for attr in self.runtime_expansions}

1123

1139

try:

1124

1140

command = self.checker_command % escaped_attrs

2748

2764

if command == 'getattr':

2749

2765

attrname = request[1]

2750

2766

if isinstance(client_object.__getattribute__(attrname),

2751

collections.Callable):

2767

collections.abc.Callable):

2752

2768

parent_pipe.send(('function', ))

2753

2769

else:

2754

2770

parent_pipe.send((

Older »