Fix multiple minor security vulnerabilities

[osm/LCM.git] / osm_lcm / lcm.py

diff --git a/osm_lcm/lcm.py b/osm_lcm/lcm.py
index 2fc479f..5ed39ab 100644 (file)
--- a/osm_lcm/lcm.py
+++ b/osm_lcm/lcm.py
@@ -19,7 +19,6 @@
 
 
 # DEBUG WITH PDB
-import os
 import pdb
 
 import asyncio
@@ -28,6 +27,7 @@ import logging
 import logging.handlers
 import getopt
 import sys
+from random import SystemRandom
 
 from osm_lcm import ns, vim_sdn, netslice
 from osm_lcm.ng_ro import NgRoException, NgRoClient
@@ -46,12 +46,11 @@ from osm_lcm.data_utils.database.database import Database
 from osm_lcm.data_utils.filesystem.filesystem import Filesystem
 from osm_lcm.data_utils.lcm_config import LcmCfg
 from osm_lcm.lcm_hc import get_health_check_file
-from os import path
-from random import choice as random_choice
+from os import path, getenv
 from n2vc import version as n2vc_version
 import traceback
 
-if os.getenv("OSMLCM_PDB_DEBUG", None) is not None:
+if getenv("OSMLCM_PDB_DEBUG", None) is not None:
     pdb.set_trace()
 
 
@@ -761,18 +760,22 @@ class Lcm:
         will provide a random one
         :return: Obtained ID
         """
-        # Try getting docker id. If fails, get pid
-        try:
-            with open("/proc/self/cgroup", "r") as f:
-                text_id_ = f.readline()
-                _, _, text_id = text_id_.rpartition("/")
-                text_id = text_id.replace("\n", "")[:12]
-                if text_id:
-                    return text_id
-        except Exception:
-            pass
-        # Return a random id
-        return "".join(random_choice("0123456789abcdef") for _ in range(12))
+
+        def get_docker_id():
+            try:
+                with open("/proc/self/cgroup", "r") as f:
+                    text_id_ = f.readline()
+                    _, _, text_id = text_id_.rpartition("/")
+                    return text_id.replace("\n", "")[:12]
+            except Exception:
+                return None
+
+        def generate_random_id():
+            return "".join(SystemRandom().choice("0123456789abcdef") for _ in range(12))
+
+        # Try getting docker id. If it fails, generate a random id
+        docker_id = get_docker_id()
+        return docker_id if docker_id else generate_random_id()
 
 
 def usage():
@@ -813,14 +816,9 @@ if __name__ == "__main__":
                 from osm_lcm.lcm_hc import health_check
 
                 health_check(config_file, Lcm.ping_interval_pace)
-            # elif o == "--log-socket-port":
-            #     log_socket_port = a
-            # elif o == "--log-socket-host":
-            #     log_socket_host = a
-            # elif o == "--log-file":
-            #     log_file = a
             else:
-                assert False, "Unhandled option"
+                print(f"Unhandled option: {o}")
+                exit(1)
 
         if config_file:
             if not path.isfile(config_file):