Harden pickling in SDR cache

While a cache is expected to be protected, mitigate dangers by blocking code from being stored in pickle. Change-Id: If3b942dd028da8580ec3f74e94081b30446ab8d9
2026-04-01 15:53:32 +00:00 · 2022-02-22 08:55:04 -05:00
parent 1b800e3f85
commit be58a8ad3e
1 changed files with 14 additions and 1 deletions
--- a/pyghmi/ipmi/sdr.py
+++ b/pyghmi/ipmi/sdr.py
@@ -43,9 +43,22 @@ import pyghmi.exceptions as exc

 try:
    import cPickle as pickle
+
+    def restricted_load(s):
+        unp = pickle.Unpickler(s)
+        unp.find_global = None
+        return unp.load()
 except ImportError:
    import pickle

+    class Unpickler(pickle.Unpickler):
+        def find_class(self, module, name):
+            raise Exception("Code forbidden")
+
+    def restricted_load(s):
+        return Unpickler(s).load()
+
+
 TYPE_UNKNOWN = 0
 TYPE_SENSOR = 1
 TYPE_FRU = 2
@@ -746,7 +759,7 @@ class SDR(object):
            cachefilename = os.path.join(self.cachedir, cachefilename)
        if cachefilename and os.path.isfile(cachefilename):
            with open(cachefilename, 'rb') as cfile:
-                csdrs = pickle.load(cfile)
+                csdrs = restricted_load(cfile)
                for sdrdata in csdrs:
                    self.add_sdr(sdrdata)
                for sid in self.broken_sensor_ids: