Committer: Martin Pitt
Date: 2016-12-18 12:49:43 UTC
Revision ID: martin.pitt@canonical.com-20161218124943-rn79hmqwgz0uetkv
Restrict a report's CrashDB field to literals
Use ast.literal_eval() instead of the generic eval(), to prevent arbitrary code
execution from malicious .crash files. A user could be tricked into opening a
crash file whose CrashDB field contains exec(), open(), or similar commands;
this is fairly easy as we install a MIME handler for these.
Thanks to Donncha O'Cearbhaill for discovering this!
CVE-2016-9949
LP: #1648806
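The following is an added illustration of the change this commit describes; it is not apport's own code. It assumes (as a constructed model of the field, not taken from the project) that a CrashDB value is either a plain database name or a Python dict literal of connection settings, and it uses hypothetical function names (parse_crashdb_field, parse_crashdb_field_unsafe, classify) and constructed sample values. The pre-fix eval() path is kept only for contrast; only the hardened path is exercised.

```python
import ast

# Constructed sample CrashDB field values (not from any real .crash file).
SAMPLE_NAME = "ubuntu"
SAMPLE_DICT = "{'impl': 'launchpad', 'project': 'example-project'}"
# Dict-shaped text that contains a call expression rather than a pure literal.
SAMPLE_NON_LITERAL = "{'impl': str('launchpad')}"


def parse_crashdb_field_unsafe(value):
    """Pre-fix behaviour (hypothetical reconstruction, for contrast only):
    eval() runs whatever expression the field holds, which is the problem
    CVE-2016-9949 describes."""
    if value.startswith("{"):
        return eval(value)  # deliberately unsafe: this is the 'before'
    return value


def parse_crashdb_field(value):
    """Hardened parser: dict-shaped values must be a Python literal.

    ast.literal_eval() accepts only strings, bytes, numbers, tuples, lists,
    dicts, sets, booleans and None. A call, attribute access or bare name
    raises ValueError; text that is not an expression raises SyntaxError.
    """
    if value.startswith("{"):
        settings = ast.literal_eval(value)
        # A set literal also starts with '{' and passes literal_eval,
        # so check the resulting type as well.
        if not isinstance(settings, dict):
            raise ValueError("CrashDB field must be a dict literal")
        return settings
    return value


def classify(value):
    """Return 'name', 'settings' or 'rejected' for a CrashDB field value."""
    try:
        result = parse_crashdb_field(value)
    except (ValueError, SyntaxError):
        return "rejected"
    return "settings" if isinstance(result, dict) else "name"


if __name__ == "__main__":
    for sample in (SAMPLE_NAME, SAMPLE_DICT, SAMPLE_NON_LITERAL):
        print(repr(sample), "->", classify(sample))
```

ast.literal_eval() removes the code-execution path, but it is still a Python expression parser: the Python documentation notes it can raise MemoryError or RecursionError on sufficiently large or deeply nested input, so callers handling untrusted report files should catch those alongside ValueError and SyntaxError and treat any failure as a rejected field.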