Fixing another corner case for security related to CVE-2016-9587
(cherry picked from commit bcceada5d9
)
parent
bd1ba1e21a
commit
51559b0a51
2 changed files with 9 additions and 5 deletions
|
@ -154,7 +154,7 @@ class AnsibleContext(Context):
|
||||||
'''
|
'''
|
||||||
if isinstance(val, dict):
|
if isinstance(val, dict):
|
||||||
for key in val.keys():
|
for key in val.keys():
|
||||||
if self._is_unsafe(val[key]):
|
if self._is_unsafe(key) or self._is_unsafe(val[key]):
|
||||||
return True
|
return True
|
||||||
elif isinstance(val, list):
|
elif isinstance(val, list):
|
||||||
for item in val:
|
for item in val:
|
||||||
|
@ -392,11 +392,11 @@ class Templar:
|
||||||
fail_on_undefined=fail_on_undefined,
|
fail_on_undefined=fail_on_undefined,
|
||||||
overrides=overrides,
|
overrides=overrides,
|
||||||
)
|
)
|
||||||
if convert_data and not self._no_type_regex.match(variable):
|
unsafe = hasattr(result, '__UNSAFE__')
|
||||||
|
if convert_data and not self._no_type_regex.match(variable) and not unsafe:
|
||||||
# if this looks like a dictionary or list, convert it to such using the safe_eval method
|
# if this looks like a dictionary or list, convert it to such using the safe_eval method
|
||||||
if (result.startswith("{") and not result.startswith(self.environment.variable_start_string)) or \
|
if (result.startswith("{") and not result.startswith(self.environment.variable_start_string)) or \
|
||||||
result.startswith("[") or result in ("True", "False"):
|
result.startswith("[") or result in ("True", "False"):
|
||||||
unsafe = hasattr(result, '__UNSAFE__')
|
|
||||||
eval_results = safe_eval(result, locals=self._available_variables, include_exceptions=True)
|
eval_results = safe_eval(result, locals=self._available_variables, include_exceptions=True)
|
||||||
if eval_results[1] is None:
|
if eval_results[1] is None:
|
||||||
result = eval_results[0]
|
result = eval_results[0]
|
||||||
|
|
|
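Review bot: The new `and not unsafe` guard in the Templar hunk has no comment explaining why marked results skip conversion, and the reason is security-relevant: text flagged `__UNSAFE__` has to stay an inert string and must never reach `safe_eval`. I would add, above the `unsafe = hasattr(result, '__UNSAFE__')` line, `# Never pass text marked __UNSAFE__ to safe_eval; keep it as a plain string.` Because `unsafe` is now always false inside this branch, any later re-wrap keyed on it after `safe_eval` would be unreachable and could be removed; this is inferred, since the body continues outside the hunk. The guard also depends on the marker surviving rendering, which is not visible here, so a regression test for a marked result that begins with `{` or `[` would pin the behaviour.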
@ -93,10 +93,14 @@ class AnsibleJSONUnsafeDecoder(json.JSONDecoder):
|
||||||
return value
|
return value
|
||||||
|
|
||||||
def _wrap_dict(v):
|
def _wrap_dict(v):
|
||||||
|
# Create new dict to get rid of the keys that are not wrapped.
|
||||||
|
new = {}
|
||||||
for k in v.keys():
|
for k in v.keys():
|
||||||
if v[k] is not None:
|
if v[k] is not None:
|
||||||
v[wrap_var(k)] = wrap_var(v[k])
|
new[wrap_var(k)] = wrap_var(v[k])
|
||||||
return v
|
else:
|
||||||
|
new[wrap_var(k)] = None
|
||||||
|
return new
|
||||||
|
|
||||||
|
|
||||||
def _wrap_list(v):
|
def _wrap_list(v):
|
||||||
|
|
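Review bot: `_wrap_dict` now returns a fresh dict instead of updating `v`, but nothing in the hunk documents that contract change, so a caller that ignores the return value would keep the unwrapped keys (callers are outside the hunk). A docstring such as `"""Return a new dict with every key and value passed through wrap_var; v is left unmodified."""` would make this explicit. `new = {}` also discards any dict subclass of `v`, which may matter if ordered or custom mappings reach this function. As a style point, `for k, item in v.items():` would avoid the repeated `v[k]` lookups.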