[dia] Bug #581177 - work around Python's untrusted search path vulnerability
- From: Hans Breuer <hans src gnome org>
- To: svn-commits-list gnome org
- Subject: [dia] Bug #581177 - work around Python's untrusted search path vulnerability
- Date: Sat, 23 May 2009 04:28:26 -0400 (EDT)
commit f65009acefcde9b786fe9dab46a3ad044ce3a295
Author: Hans Breuer <hans breuer org>
Date: Sat May 23 10:27:08 2009 +0200
Bug #581177 - work around Python's untrusted search path vulnerability
---
plug-ins/python/python.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/plug-ins/python/python.c b/plug-ins/python/python.c
index f207c18..f27ab17 100644
--- a/plug-ins/python/python.c
+++ b/plug-ins/python/python.c
@@ -102,6 +102,8 @@ dia_plugin_init(PluginInfo *info)
Py_Initialize();
PySys_SetArgv(1, python_argv);
+ /* Sanitize sys.path */
+ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
if (on_error_report())
return DIA_PLUGIN_INIT_ERROR;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]