Fixing RO Security Vulnerabilities
Jinja2 sets autoescape to False, disabling SSL certificate checks, use of unsafe yaml load,
Try-Except-Pass detected, use of assert detected.
Removing openmanoconfig.py.
Change-Id: I3353208e150ae6c2f91befa1a3bbed33ed0c528d
Signed-off-by: aticig <gulsum.atici@canonical.com>
diff --git a/NG-RO/osm_ng_ro/ns.py b/NG-RO/osm_ng_ro/ns.py
index a7c1562..102a035 100644
--- a/NG-RO/osm_ng_ro/ns.py
+++ b/NG-RO/osm_ng_ro/ns.py
@@ -31,6 +31,7 @@
from cryptography.hazmat.primitives.asymmetric import rsa
from jinja2 import (
Environment,
+ select_autoescape,
StrictUndefined,
TemplateError,
TemplateNotFound,
@@ -77,8 +78,8 @@
if text_id:
return text_id
- except Exception:
- pass
+ except Exception as error:
+ logging.exception(f"{error} occured while getting process id")
# Return a random id
return "".join(random_choice("0123456789abcdef") for _ in range(12))
@@ -380,7 +381,10 @@
str: [description]
"""
try:
- env = Environment(undefined=StrictUndefined)
+ env = Environment(
+ undefined=StrictUndefined,
+ autoescape=select_autoescape(default_for_string=True, default=True),
+ )
template = env.from_string(cloud_init_content)
return template.render(params or {})