oss-sec mailing list archives
Re: Pylint checks not as static as one would think
From: Jakub Wilk <jwilk () jwilk net>
Date: Tue, 12 Jul 2016 11:14:53 +0200
* Jakub Wilk <jwilk () jwilk net>, 2014-09-29, 14:32:
$ cat moo.py
from _moo import *
$ cat moo.c
#include <stdio.h>
#include <signal.h>
void __attribute__((constructor)) moo() {
printf("moo!\n");
kill(0, SIGSEGV);
}
$ gcc -Wall -shared -fPIC moo.c -o _moo.so
$ pylint moo.py
No config file found, using default configuration
moo!
Segmentation fault
This was fixed in Pylint 1.4.0: | * Added new options for controlling the loading of C extensions. | By default, only C extensions from the stdlib will be loaded | into the active Python interpreter for inspection, because they | can run arbitrary code on import. The option | `--extension-pkg-whitelist` can be used to specify modules | or packages that are safe to load.Beware that by default Pylint reads configuration file from cwd, and this configuration file can whitelist malicious extensions. You probably want to use --rcfile=/dev/null when cwd is untrusted.
And here's another code execution bug: https://github.com/PyCQA/pylint/issues/959 -- Jakub Wilk
Current thread:
- Re: Pylint checks not as static as one would think Jakub Wilk (Jul 12)