apport-cli crashes if a hook provides a python list which is a directory w/o files
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
apport (Ubuntu) | Fix Released | Medium | Martin Pitt | |
Bug Description
I was reviewing an apport hook for somebody and noticed that apport-cli would crash when you try to save a report (option K) if the apport hook does something odd. As an example:
1) mkdir -p /tmp/directory1
2) modify an apport package hook to contain the following:
contents = os.listdir(
report[
3) run apport-cli ubuntu-
4) observe the following crash
Traceback (most recent call last):
File "/usr/bin/
if not app.run_argv():
File "/usr/lib/
self.
File "/usr/lib/
self.
File "/usr/lib/
response = self.ui_
File "/usr/bin/
self.
File "/usr/lib/
f = open(v[0], 'rb') # file name
FileNotFoundError: [Errno 2] No such file or directory: 'directory2'
If DirContents is a folder that contains at least one file we see the following error raised instead.
TypeError: value for key DirContents must be a string, CompressedValue, or a file reference
tags: | added: xenial |
Changed in apport (Ubuntu): | |
importance: | Undecided → Medium |
Changed in apport (Ubuntu): | |
assignee: | nobody → Martin Pitt (pitti) |
It is actually legal for a Report value to be a tuple -- the intention is that this is a "file reference", and we make use of that in several places to avoid needless copies in RAM. For example in data/apport:
or in data/kernel_crashdump:
pr['VmCoreLog'] = (os.fdopen(log_fd, 'rb'),)
So the problem is that __setitem__() also (erroneously) accepts lists, it does not verify that it is actually a tuple:
if not (isinstance(v, CompressedValue) or hasattr(v, 'isalnum') or
        (hasattr(v, '__getitem__') and (
            len(v) == 1 or (len(v) >= 2 and v[1] in (True, False))) and
            (hasattr(v[0], 'isalnum') or hasattr(v[0], 'read')))):
    raise TypeError("value for key %s must be a string, CompressedValue, or a file reference" % k)
It already does check the length and types of the arguments, though.
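The behaviour discussed in this report, reproduced as an added example (not apport's code and not the fix that was released): the duck-typed check quoted above lets a one-element `os.listdir()` result through as a "file reference", while a list with two names is rejected. `CompressedValue` is a stand-in class, `accepts_tuple_only` is a hypothetical stricter variant, and the names `directory3` and `file1` are constructed for the demonstration.

```python
import os
import tempfile


class CompressedValue:
    """Stand-in for apport's CompressedValue so the example runs without apport."""


def _is_str(x):
    # Same duck-typing probe the quoted check uses for "string-like".
    return hasattr(x, 'isalnum')


def accepts_duck_typed(v):
    """Mirror of the check quoted above: any indexable sequence can pass."""
    return bool(
        isinstance(v, CompressedValue) or _is_str(v) or
        (hasattr(v, '__getitem__') and
         (len(v) == 1 or (len(v) >= 2 and v[1] in (True, False))) and
         (_is_str(v[0]) or hasattr(v[0], 'read'))))


def accepts_tuple_only(v):
    """Hypothetical stricter variant: a file reference must be a real tuple."""
    if isinstance(v, CompressedValue) or _is_str(v):
        return True
    return isinstance(v, tuple) and accepts_duck_typed(v)


def listdir_cases():
    """Build the two directory layouts from the report; return their listings."""
    with tempfile.TemporaryDirectory() as tmp:
        only_subdir = os.path.join(tmp, 'directory1')
        os.makedirs(os.path.join(only_subdir, 'directory2'))
        with_file = os.path.join(tmp, 'directory3')  # constructed name
        os.makedirs(os.path.join(with_file, 'directory2'))
        open(os.path.join(with_file, 'file1'), 'w').close()
        return os.listdir(only_subdir), sorted(os.listdir(with_file))


if __name__ == '__main__':
    one_entry, two_entries = listdir_cases()
    # Columns: value, duck-typed verdict, tuple-only verdict.
    for v in (one_entry, two_entries, ('directory2',), 'text'):
        print(repr(v), accepts_duck_typed(v), accepts_tuple_only(v))
```

The one-entry list is the case that later fails in `open(v[0], 'rb')`, because the value was stored as if it named a file to read.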