Markup bandit exceptions

Apply bandit exceptions and explain the rationale in each case
2024-11-21 17:11:58 +00:00 · 2022-02-16 09:10:33 -05:00 · 2022-02-16 09:10:33 -05:00 · 33be75a9a2
commit 33be75a9a2
parent f10a27fd7a
4 changed files with 25 additions and 6 deletions
--- a/confluent_server/confluent/config/configmanager.py
+++ b/confluent_server/confluent/config/configmanager.py
@ -546,15 +546,17 @@ def _load_dict_from_dbm(dpath, tdb):
            if elem not in currdict:
                currdict[elem] = {}
            currdict = currdict[elem]
+        # Pickle is used as the first choice. It is a local self-owned file
+        # and thus not a significant security risk
        try:
            for tk in dbe.keys():
                tks = confluent.util.stringify(tk)
-                currdict[tks] = cPickle.loads(dbe[tk])
+                currdict[tks] = cPickle.loads(dbe[tk]) # nosec
        except AttributeError:
            tk = dbe.firstkey()
            while tk != None:
                tks = confluent.util.stringify(tk)
-                currdict[tks] = cPickle.loads(dbe[tk])
+                currdict[tks] = cPickle.loads(dbe[tk]) # nosec
                tk = dbe.nextkey(tk)
    except dbm.error:
        return
--- a/confluent_server/confluent/discovery/handlers/smm.py
+++ b/confluent_server/confluent/discovery/handlers/smm.py
@ -36,7 +36,9 @@ def fromstring(inputdata):
        cmpstr = '!entity'
    if cmpstr in inputdata.lower():
        raise Exception('!ENTITY not supported in this interface')
-    return rfromstring(inputdata)
+    # The measures above should filter out the risky facets of xml
+    # We don't need sophisticated feature support
+    return rfromstring(inputdata)  # nosec

 def fixuuid(baduuid):
    # SMM dumps it out in hex
--- a/confluent_server/confluent/osimage.py
+++ b/confluent_server/confluent/osimage.py
@ -212,7 +212,8 @@ def extract_entries(entries, flags=0, callback=None, totalsize=None, extractlist
                write_data_block(write_p, buff, size, offset)
            write_finish_entry(write_p)
            if os.path.isdir(str(entry)):
-                os.chmod(str(entry), 0o755)
+                # This directory must be world accessible for web server
+                os.chmod(str(entry), 0o755)  # nosec
            else:
                os.chmod(str(entry), 0o644)
    if callback:
--- a/misc/fixsmmexpiry.py
+++ b/misc/fixsmmexpiry.py
@ -31,7 +31,14 @@ if 'authResult>1' in rspdata:
     rspdata = rsp.read().decode('utf8')
 if 'renew_account' in rspdata:
     restorepwd = True
-     tokens = fromstring(rspdata)
+     if isinstance(rspdata, bytes):
+         if b'!entity' in rspdata.lower():
+             raise Exception('Unexpected material')
+     else:
+        if '!entity' in rspdata.lower():
+             raise Exception('Unexpected material')
+     # the troublesome entity tag is guarded above
+     tokens = fromstring(rspdata)  # nosec
     st2 = tokens.findall('st2')[0].text
     w.set_header('ST2', st2)
     w.request('POST', '/data/changepwd', 'oripwd={0}&newpwd={1}'.format(os.environ['SMMPASS'], tmppassword))
@ -41,7 +48,14 @@ if 'renew_account' in rspdata:
     rsp = w.getresponse()
     rspdata = rsp.read().decode('utf8')
 if 'authResult>0' in rspdata:
-     tokens = fromstring(rspdata)
+     if isinstance(rspdata, bytes):
+        if b'!entity' in rspdata.lower():
+            raise Exception('Unexpected material')
+     else:
+        if '!entity' in rspdata.lower():
+             raise Exception('Unexpected material')
+     # the risky xml entity feature is filtered out above
+     tokens = fromstring(rspdata)  # nosec
     st2 = tokens.findall('st2')[0].text
     w.set_header('ST2', st2)
     rules = 'set=passwordDurationDays:0,passwordExpireWarningDays:0,passwordChangeInterval:0,passwordReuseCheckNum:0,passwordFailAllowdNum:0,passwordLockoutTimePeriod:0'