~ubuntu-core-dev/ubuntu/precise/apport/ubuntu

Committer: Martin Pitt
Date: 2015-10-27 13:18:01 UTC
Revision ID: martin.pitt@canonical.com-20151027131801-05x7jpa3ev4n42b6

SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)

files modified:
apport/report.py

debian/changelog

test/test_report.py

Show diffs side-by-side

added added

removed removed

apport/report.py

# the full text of the license.

import subprocess, tempfile, os.path, urllib, re, pwd, grp, os

import fnmatch, glob, traceback, errno

import fnmatch, glob, traceback, errno, sys, imp

import xml.dom, xml.dom.minidom

from xml.parsers.expat import ExpatError

380

def _python_module_path(klass, module):

381

'''Determine path of given Python module'''

382

383

try:

384

m = __import__(module.replace('/', '.'))

385

386

except:

387

return None

388

389

# chop off the first component, as it's already covered by m

390

path = eval('m.%s.__file__' % '.'.join(module.split('/')[1:]))

391

if path.endswith('.pyc'):

383

module = module.replace('/', '.').split('.')

384

pathlist = sys.path

385

386

path = None

387

while module:

388

name = module.pop(0)

389

390

try:

391

(fd, path, desc) = imp.find_module(name, pathlist)

392

except ImportError:

393

path = None

394

break

395

if fd:

396

fd.close()

397

pathlist = [path]

398

399

if not module and desc[2] == imp.PKG_DIRECTORY:

400

module = ['__init__']

401

402

if path and path.endswith('.pyc'):

392

403

path = path[:-1]

393

404

return path

394

405

Older »