Coverity-CWE 22: Improper Limitation of a Pathname

to a Restricted Directory ('Path Traversal')

Added fix for CWE 22: Improper Limitation of a Pathname
to a Restricted Directory ('Path Traversal')

Change-Id: I6e39b16dc2cc796eb91485ff6dcecef38b29377b
Signed-off-by: selvi.j <selvi.j@tataelxsi.co.in>

diff --git a/n2vc/n2vc_conn.py b/n2vc/n2vc_conn.py
index 4fa7e36..9e91a10 100644 (file)
--- a/n2vc/n2vc_conn.py
+++ b/n2vc/n2vc_conn.py
@@ -115,19 +115,27 @@ class N2VCConnector(abc.ABC, Loggable):
             self.log.warning("No HOME environment variable, using /tmp")
             homedir = "/tmp"
         sshdir = "{}/.ssh".format(homedir)
+        sshdir = os.path.realpath(os.path.normpath(os.path.abspath(sshdir)))
         if not os.path.exists(sshdir):
             os.mkdir(sshdir)
 
         self.private_key_path = "{}/id_n2vc_rsa".format(sshdir)
+        self.private_key_path = os.path.realpath(
+            os.path.normpath(os.path.abspath(self.private_key_path))
+        )
         self.public_key_path = "{}.pub".format(self.private_key_path)
+        self.public_key_path = os.path.realpath(
+            os.path.normpath(os.path.abspath(self.public_key_path))
+        )
 
         # If we don't have a key generated, then we have to generate it using ssh-keygen
         if not os.path.exists(self.private_key_path):
-            cmd = "ssh-keygen -t {} -b {} -N '' -f {}".format(
+            command = "ssh-keygen -t {} -b {} -N '' -f {}".format(
                 "rsa", "4096", self.private_key_path
             )
             # run command with arguments
-            subprocess.check_output(shlex.split(cmd))
+            args = shlex.split(command)
+            subprocess.run(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 
         # Read the public key. Only one public key (one line) in the file
         with open(self.public_key_path, "r") as file: