
Comparing changes
base repository: yaml/pyyaml
base: main
head repository: yaml/pyyaml
compare: release/5.1.3
  • 2 commits
  • 6 files changed
  • 2 contributors

Commits on Apr 2, 2020

  1. 439424a
  2. Prevents arbitrary code execution during python/object/new constructor (#386)
    
    * Prevents arbitrary code execution during python/object/new constructor
    
    In FullLoader, the python/object/new constructor, implemented by
    construct_python_object_apply, has support for setting the state of a
    deserialized instance through the set_python_instance_state method.
    After setting the state, some operations are performed on the instance
    to complete its initialization; however, it is possible for an attacker
    to set the instance's state in such a way that arbitrary code is executed
    by the FullLoader.
    
    This patch tries to block such attacks in FullLoader by preventing
    set_python_instance_state from setting arbitrary properties. It
    implements a blacklist that includes the `extend` method (called by
    construct_python_object_apply) and all special methods (e.g. __set__,
    __setitem__, etc.).
    
    Users who need special attributes to be set in the state of a
    deserialized object can still do so through the UnsafeLoader, which,
    however, should not be used on untrusted input. Additionally, they can
    subclass FullLoader and redefine `get_state_keys_blacklist()` to
    extend/replace the list of blacklisted keys, passing the subclassed
    loader to yaml.load.
    
    * Make sure python/object/new constructor does not set some properties
    
    * Add test to show how to subclass FullLoader with new blacklist
    ret2libc authored and perlpunk committed Apr 2, 2020
    0afa8ac