Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 431949

Summary: s-c-kickstart crashes on malicious characters in KS file
Product: Red Hat Enterprise Linux 5 Reporter: Michal Nowak <mnowak>
Component: system-config-kickstartAssignee: Chris Lumens <clumens>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: low    
Version: 5.2CC: ohudlick
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-12 22:52:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Evil crafted KS file none

Description Michal Nowak 2008-02-07 22:53:59 UTC 
Description of problem:

s-c-k crashes on KS file with strange characters.

Version-Release number of selected component (if applicable):
system-config-kickstart-2.6.19.3-1.el5

How reproducible: always

Steps to Reproduce:

.qa.[root@i386-5s-1-m1 tps]# system-config-kickstart ks.cfg 
Loading "skip-broken" plugin
Loading "kmod" plugin
Loading "protectbase" plugin
Loading "rhnplugin" plugin
0 packages excluded due to repository protections
Traceback (most recent call last):
  File "/usr/bin/system-config-kickstart", line 82, in ?
    kickstartGui.kickstartGui(file)
  File "/usr/share/system-config-kickstart/kickstartGui.py", line 185, in __init__
    self.applyKsdata()
  File "/usr/share/system-config-kickstart/kickstartGui.py", line 343, in
applyKsdata
    self.auth_class.applyKsdata()
  File "/usr/share/system-config-kickstart/auth.py", line 416, in applyKsdata
    opts, args = getopt.getopt(authstr, "d:h",["enablemd5", "enablenis",
  File "/usr/lib/python2.4/getopt.py", line 89, in getopt
    opts, args = do_longs(opts, args[0][2:], longopts, args[1:])
  File "/usr/lib/python2.4/getopt.py", line 153, in do_longs
    has_arg, opt = long_has_args(opt, longopts)
  File "/usr/lib/python2.4/getopt.py", line 170, in long_has_args
    raise GetoptError('option --%s not recognized' % opt, opt)
getopt.GetoptError: option --ldaploadcacert not recognized

Actual results:

crash

Expected results:

load the crappy chars as they are in KS file

Additional info:

see attachment
Comment 1 Michal Nowak 2008-02-07 22:53:59 UTC 
Created attachment 294284 [details]
Evil crafted KS file
Comment 2 Chris Lumens 2008-02-12 22:52:58 UTC 
This will be fixed by system-config-kickstart-2.6.19.5 as well.
Comment 3 Michal Nowak 2008-02-14 09:33:40 UTC 
OK this is fixed in system-config-kickstart-2.6.19.5