openstack
/
fuel-devops
Code Issues Proposed changes

Quote bash command substitution while `eval`ing it 

Add quoting for shell command substitution to prevent
bash globbing while performing `eval` with it.

Change-Id: I6d6c6b310c4746cbb1eb1ee82e6d58cc86747463
This commit is contained in:
Artem Panchenko 2017-02-09 16:49:50 +02:00
parent 41bcf73586
commit cf84272a14
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
devops/helpers/ssh_client.py
View File

@ -870,7 +870,8 @@ class SSHClient(six.with_metaclass(_MemorizedSSH, object)):
cmd = "{}\n".format(command)
if self.sudo_mode:
encoded_cmd = base64.b64encode(cmd.encode('utf-8')).decode('utf-8')
cmd = "sudo -S bash -c 'eval $(base64 -d <(echo \"{0}\"))'".format(
cmd = ("sudo -S bash -c 'eval \"$(base64 -d "
"<(echo \"{0}\"))\"'").format(
encoded_cmd
)
chan.exec_command(cmd)

6
devops/tests/helpers/test_ssh_client.py
View File

@ -1010,7 +1010,7 @@ class TestExecute(unittest.TestCase):
mock.call.makefile_stderr('rb'),
mock.call.exec_command(
"sudo -S bash -c '"
"eval $(base64 -d <(echo \"{0}\"))'".format(encoded_cmd))
"eval \"$(base64 -d <(echo \"{0}\"))\"'".format(encoded_cmd))
))
self.assertIn(
mock.call.debug(
@ -1046,7 +1046,7 @@ class TestExecute(unittest.TestCase):
mock.call.makefile_stderr('rb'),
mock.call.exec_command(
"sudo -S bash -c '"
"eval $(base64 -d <(echo \"{0}\"))'".format(encoded_cmd))
"eval \"$(base64 -d <(echo \"{0}\"))\"'".format(encoded_cmd))
))
self.assertIn(
mock.call.debug(
@ -1155,7 +1155,7 @@ class TestExecute(unittest.TestCase):
mock.call.makefile_stderr('rb'),
mock.call.exec_command(
"sudo -S bash -c '"
"eval $(base64 -d <(echo \"{0}\"))'".format(encoded_cmd))
"eval \"$(base64 -d <(echo \"{0}\"))\"'".format(encoded_cmd))
))
self.assertIn(
mock.call.debug(