projects
/
osm
/
N2VC.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Coverity-CWE 22: Improper Limitation of a Pathname
[osm/N2VC.git]
/
n2vc
/
n2vc_conn.py
diff --git
a/n2vc/n2vc_conn.py
b/n2vc/n2vc_conn.py
index
68e8c14
..
9e91a10
100644
(file)
--- a/
n2vc/n2vc_conn.py
+++ b/
n2vc/n2vc_conn.py
@@
-54,7
+54,6
@@
class N2VCConnector(abc.ABC, Loggable):
db: object,
fs: object,
log: object,
db: object,
fs: object,
log: object,
- loop: object,
on_update_db=None,
**kwargs,
):
on_update_db=None,
**kwargs,
):
@@
-64,7
+63,6
@@
class N2VCConnector(abc.ABC, Loggable):
:param object fs: FileSystem object managing the package artifacts (repo common
FsBase)
:param object log: the logging object to log to
:param object fs: FileSystem object managing the package artifacts (repo common
FsBase)
:param object log: the logging object to log to
- :param object loop: the loop to use for asyncio (default current thread loop)
:param on_update_db: callback called when n2vc connector updates database.
Received arguments:
table: e.g. "nsrs"
:param on_update_db: callback called when n2vc connector updates database.
Received arguments:
table: e.g. "nsrs"
@@
-85,7
+83,6
@@
class N2VCConnector(abc.ABC, Loggable):
# store arguments into self
self.db = db
self.fs = fs
# store arguments into self
self.db = db
self.fs = fs
- self.loop = loop or asyncio.get_event_loop()
self.on_update_db = on_update_db
# generate private/public key-pair
self.on_update_db = on_update_db
# generate private/public key-pair
@@
-118,19
+115,27
@@
class N2VCConnector(abc.ABC, Loggable):
self.log.warning("No HOME environment variable, using /tmp")
homedir = "/tmp"
sshdir = "{}/.ssh".format(homedir)
self.log.warning("No HOME environment variable, using /tmp")
homedir = "/tmp"
sshdir = "{}/.ssh".format(homedir)
+ sshdir = os.path.realpath(os.path.normpath(os.path.abspath(sshdir)))
if not os.path.exists(sshdir):
os.mkdir(sshdir)
self.private_key_path = "{}/id_n2vc_rsa".format(sshdir)
if not os.path.exists(sshdir):
os.mkdir(sshdir)
self.private_key_path = "{}/id_n2vc_rsa".format(sshdir)
+ self.private_key_path = os.path.realpath(
+ os.path.normpath(os.path.abspath(self.private_key_path))
+ )
self.public_key_path = "{}.pub".format(self.private_key_path)
self.public_key_path = "{}.pub".format(self.private_key_path)
+ self.public_key_path = os.path.realpath(
+ os.path.normpath(os.path.abspath(self.public_key_path))
+ )
# If we don't have a key generated, then we have to generate it using ssh-keygen
if not os.path.exists(self.private_key_path):
# If we don't have a key generated, then we have to generate it using ssh-keygen
if not os.path.exists(self.private_key_path):
- c
m
d = "ssh-keygen -t {} -b {} -N '' -f {}".format(
+ c
omman
d = "ssh-keygen -t {} -b {} -N '' -f {}".format(
"rsa", "4096", self.private_key_path
)
# run command with arguments
"rsa", "4096", self.private_key_path
)
# run command with arguments
- subprocess.check_output(shlex.split(cmd))
+ args = shlex.split(command)
+ subprocess.run(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
# Read the public key. Only one public key (one line) in the file
with open(self.public_key_path, "r") as file:
# Read the public key. Only one public key (one line) in the file
with open(self.public_key_path, "r") as file:
@@
-456,7
+461,6
@@
class N2VCConnector(abc.ABC, Loggable):
# .format(str(status.value), detailed_status, vca_status, entity_type))
try:
# .format(str(status.value), detailed_status, vca_status, entity_type))
try:
-
the_table = db_dict["collection"]
the_filter = db_dict["filter"]
the_path = db_dict["path"]
the_table = db_dict["collection"]
the_filter = db_dict["filter"]
the_path = db_dict["path"]
@@
-524,4
+528,4
@@
def obj_to_dict(obj: object) -> dict:
# convert obj to yaml
yaml_text = obj_to_yaml(obj)
# parse to dict
# convert obj to yaml
yaml_text = obj_to_yaml(obj)
# parse to dict
- return yaml.load(yaml_text, Loader=yaml.Loader)
+ return yaml.load(yaml_text, Loader=yaml.
Safe
Loader)