Bug 431949 - s-c-kickstart crashes on malicious characters in KS file
s-c-kickstart crashes on malicious characters in KS file
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: system-config-kickstart (Show other bugs)
5.2
All Linux
low Severity high
: rc
: ---
Assigned To: Chris Lumens
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-07 17:53 EST by Michal Nowak
Modified: 2013-03-07 21:03 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-12 17:52:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Evil crafted KS file (867 bytes, text/plain)
2008-02-07 17:53 EST, Michal Nowak
no flags Details

  None (edit)
Description Michal Nowak 2008-02-07 17:53:59 EST
Description of problem:

s-c-k crashes on KS file with strange characters.

Version-Release number of selected component (if applicable):
system-config-kickstart-2.6.19.3-1.el5

How reproducible: always

Steps to Reproduce:

.qa.[root@i386-5s-1-m1 tps]# system-config-kickstart ks.cfg 
Loading "skip-broken" plugin
Loading "kmod" plugin
Loading "protectbase" plugin
Loading "rhnplugin" plugin
0 packages excluded due to repository protections
Traceback (most recent call last):
  File "/usr/bin/system-config-kickstart", line 82, in ?
    kickstartGui.kickstartGui(file)
  File "/usr/share/system-config-kickstart/kickstartGui.py", line 185, in __init__
    self.applyKsdata()
  File "/usr/share/system-config-kickstart/kickstartGui.py", line 343, in
applyKsdata
    self.auth_class.applyKsdata()
  File "/usr/share/system-config-kickstart/auth.py", line 416, in applyKsdata
    opts, args = getopt.getopt(authstr, "d:h",["enablemd5", "enablenis",
  File "/usr/lib/python2.4/getopt.py", line 89, in getopt
    opts, args = do_longs(opts, args[0][2:], longopts, args[1:])
  File "/usr/lib/python2.4/getopt.py", line 153, in do_longs
    has_arg, opt = long_has_args(opt, longopts)
  File "/usr/lib/python2.4/getopt.py", line 170, in long_has_args
    raise GetoptError('option --%s not recognized' % opt, opt)
getopt.GetoptError: option --ldaploadcacert not recognized

Actual results:

crash

Expected results:

load the crappy chars as they are in KS file

Additional info:

see attachment
Comment 1 Michal Nowak 2008-02-07 17:53:59 EST
Created attachment 294284 [details]
Evil crafted KS file
Comment 2 Chris Lumens 2008-02-12 17:52:58 EST
This will be fixed by system-config-kickstart-2.6.19.5 as well.
Comment 3 Michal Nowak 2008-02-14 04:33:40 EST
OK this is fixed in system-config-kickstart-2.6.19.5

Note You need to log in before you can comment on or make changes to this bug.