| Message ID | CAHduLLQV07RPLcV-3ffaebEosQS_DRAk_7ZconHbdkx8oAHejQ@mail.gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | python/semanage: check variable type of port before trying to split | expand |
On 12/6/19 7:17 PM, Joshua Schmidlkofer wrote: > While using Ansible's Selinux module to manage ports, I discovered > that numerical ports caused an unhandled exception in 'seobject.py'. > This appears to be a bug, and I am proposing a fix which checks the > type of the argument before operating on it. This maintains the > original functionality in the case of a string, and acts in the same > fashion if you supply an integer. > > I did not find any open bug report against the SELinux project. The > downstream bug report is here: > https://github.com/ansible/ansible/issues/60968 > > > Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> > --- > python/semanage/seobject.py | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py > index dc413ca5..0e9ce290 100644 > --- a/python/semanage/seobject.py > +++ b/python/semanage/seobject.py > @@ -1070,7 +1070,11 @@ class portRecords(semanageRecords): > if port == "": > raise ValueError(_("Port is required")) > > - ports = port.split("-") > + if isinstance(port, str): > + ports = port.split('-', 1) > + else: > + ports = (port,) > + > if len(ports) == 1: > high = low = int(ports[0]) > else: > -- > 2.23.0 >
On 12/10/19 3:38 PM, Stephen Smalley wrote: > On 12/6/19 7:17 PM, Joshua Schmidlkofer wrote: >> While using Ansible's Selinux module to manage ports, I discovered >> that numerical ports caused an unhandled exception in 'seobject.py'. >> This appears to be a bug, and I am proposing a fix which checks the >> type of the argument before operating on it. This maintains the >> original functionality in the case of a string, and acts in the same >> fashion if you supply an integer. >> >> I did not find any open bug report against the SELinux project. The >> downstream bug report is here: >> https://github.com/ansible/ansible/issues/60968 >> >> >> Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us> > > Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Thanks, applied. > >> --- >> python/semanage/seobject.py | 6 +++++- >> 1 file changed, 5 insertions(+), 1 deletion(-) >> >> diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py >> index dc413ca5..0e9ce290 100644 >> --- a/python/semanage/seobject.py >> +++ b/python/semanage/seobject.py >> @@ -1070,7 +1070,11 @@ class portRecords(semanageRecords): >> if port == "": >> raise ValueError(_("Port is required")) >> >> - ports = port.split("-") >> + if isinstance(port, str): >> + ports = port.split('-', 1) >> + else: >> + ports = (port,) >> + >> if len(ports) == 1: >> high = low = int(ports[0]) >> else: >> -- >> 2.23.0 >> >
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py index dc413ca5..0e9ce290 100644 --- a/python/semanage/seobject.py +++ b/python/semanage/seobject.py @@ -1070,7 +1070,11 @@ class portRecords(semanageRecords): if port == "": raise ValueError(_("Port is required")) - ports = port.split("-") + if isinstance(port, str): + ports = port.split('-', 1) + else: + ports = (port,) + if len(ports) == 1: high = low = int(ports[0]) else:
While using Ansible's Selinux module to manage ports, I discovered that numerical ports caused an unhandled exception in 'seobject.py'. This appears to be a bug, and I am proposing a fix which checks the type of the argument before operating on it. This maintains the original functionality in the case of a string, and acts in the same fashion if you supply an integer. I did not find any open bug report against the SELinux project. The downstream bug report is here: https://github.com/ansible/ansible/issues/60968 Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us> --- python/semanage/seobject.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) -- 2.23.0