← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1414530] [NEW] cwd might be set incorrectly when exceptions are thrown

 

Public bug reported:

CWD might be set incorrectly when exceptions are thrown

The call to utils.execute ends up in /opt/stack/nova/nova/utils.py which
ultimately calls processutils.execute() in the oslo_concurrency module.
If there's an error when executing the command which calls an bash script
then an exception ProcessExecutionError will be raised at #1. This means that
the code at #2 will never be reached resulting in the Exception being propagated
up to the call-stack but now one is still stuck with the wrong working
directory which can lead to problems. One should catch the Exception and make sure
that in all cases the working directory is reset to the original one. 

/opt/stack/nova/nova/crypto.py

def ensure_ca_filesystem():
    """Ensure the CA filesystem exists."""
    ca_dir = ca_folder()
    if not os.path.exists(ca_path()):
        genrootca_sh_path = os.path.abspath(
                os.path.join(os.path.dirname(__file__), 'CA',
                'genrootca.sh'))

        start = os.getcwd()
        fileutils.ensure_tree(ca_dir)
        os.chdir(ca_dir)
        utils.execute("sh", genrootca_sh_path) <--- #1
        os.chdir(start)                        <--- #2


One can see in
https://github.com/openstack/oslo.concurrency/blob/master/oslo_concurrency/processutils.py
that this Exception can indeed be thrown.

Analogously there's a similar issue also in the aforementioned file in
_ensure_project_folder.

def _ensure_project_folder(project_id):
    if not os.path.exists(ca_path(project_id)):
        geninter_sh_path = os.path.abspath(
                os.path.join(os.path.dirname(__file__), 'CA',
                'geninter.sh'))
        start = os.getcwd()
        os.chdir(ca_folder())
        utils.execute('sh', geninter_sh_path, project_id,
                      _project_cert_subject(project_id))
        os.chdir(start)


I'm not sure whether this has a potential security vulnerability impact or not. The potential risk is definitely there but it remains to be seen whether an attacker can actually reliably trigger this and then possibly gain something else by having a different working directory. That's why I didn't tag it as a security bug.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1414530

Title:
  cwd might be set incorrectly when exceptions are thrown

Status in OpenStack Compute (Nova):
  New

Bug description:
  CWD might be set incorrectly when exceptions are thrown

  The call to utils.execute ends up in /opt/stack/nova/nova/utils.py which
  ultimately calls processutils.execute() in the oslo_concurrency module.
  If there's an error when executing the command which calls an bash script
  then an exception ProcessExecutionError will be raised at #1. This means that
  the code at #2 will never be reached resulting in the Exception being propagated
  up to the call-stack but now one is still stuck with the wrong working
  directory which can lead to problems. One should catch the Exception and make sure
  that in all cases the working directory is reset to the original one. 

  /opt/stack/nova/nova/crypto.py

  def ensure_ca_filesystem():
      """Ensure the CA filesystem exists."""
      ca_dir = ca_folder()
      if not os.path.exists(ca_path()):
          genrootca_sh_path = os.path.abspath(
                  os.path.join(os.path.dirname(__file__), 'CA',
                  'genrootca.sh'))

          start = os.getcwd()
          fileutils.ensure_tree(ca_dir)
          os.chdir(ca_dir)
          utils.execute("sh", genrootca_sh_path) <--- #1
          os.chdir(start)                        <--- #2

  
  One can see in
  https://github.com/openstack/oslo.concurrency/blob/master/oslo_concurrency/processutils.py
  that this Exception can indeed be thrown.

  Analogously there's a similar issue also in the aforementioned file in
  _ensure_project_folder.

  def _ensure_project_folder(project_id):
      if not os.path.exists(ca_path(project_id)):
          geninter_sh_path = os.path.abspath(
                  os.path.join(os.path.dirname(__file__), 'CA',
                  'geninter.sh'))
          start = os.getcwd()
          os.chdir(ca_folder())
          utils.execute('sh', geninter_sh_path, project_id,
                        _project_cert_subject(project_id))
          os.chdir(start)

  
  I'm not sure whether this has a potential security vulnerability impact or not. The potential risk is definitely there but it remains to be seen whether an attacker can actually reliably trigger this and then possibly gain something else by having a different working directory. That's why I didn't tag it as a security bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1414530/+subscriptions


Follow ups

References