matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[netberg] Replace os.system (#12104)

Browse Source 
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content
#### How I did it
Replace `os` by `subprocess`
This commit is contained in:
Mai Bui 2022-10-26 15:26:48 -07:00 committed by GitHub
parent 3d9a6e46bc
commit 80a7762ff9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
platform/barefoot/sonic-platform-modules-netberg/aurora-610/sonic_platform/component.py
View File

@ -4,7 +4,7 @@ try:
import os import os
import re import re
import logging import logging
from subprocess import Popen, PIPE from subprocess import call, Popen, PIPE
from sonic_platform_base.component_base import ComponentBase from sonic_platform_base.component_base import ComponentBase
except ImportError as e: except ImportError as e:
@ -39,10 +39,10 @@ COMPONENT_DESC_LIST = [
FW_INSTALL_CMD_LIST = [ FW_INSTALL_CMD_LIST = [
"/usr/share/sonic/platform/plugins/cpld -b 1 -s 0x60 {}", ["/usr/share/sonic/platform/plugins/cpld", "-b", "1", "-s", "0x60", ""],
"/usr/share/sonic/platform/plugins/Yafuflash -cd {} -img-select 3 -non-interactive", ["/usr/share/sonic/platform/plugins/Yafuflash", "-cd", "", "-img-select", "3", "-non-interactive"],
"/usr/share/sonic/platform/plugins/afulnx_64 {} /B /P /N /K", ["/usr/share/sonic/platform/plugins/afulnx_64", "", "/B", "/P", "/N", "/K"],
"/usr/share/sonic/platform/plugins/afulnx_64 {} /B /P /N /K", ["/usr/share/sonic/platform/plugins/afulnx_64", "", "/B", "/P", "/N", "/K"],
] ]
BIOS_ID_MAPPING_TABLE = { BIOS_ID_MAPPING_TABLE = {
@ -157,11 +157,20 @@ class Component(ComponentBase):
return bios_version return bios_version
def __get_cmd(self, image_path):
if self.index == 0:
FW_INSTALL_CMD_LIST[self.index][5] = image_path
elif self.index == 1:
FW_INSTALL_CMD_LIST[self.index][2] = image_path
elif self.index == 2 or self.index == 3:
FW_INSTALL_CMD_LIST[self.index][1] = image_path
return FW_INSTALL_CMD_LIST
def __install_cpld_firmware(self, image_path): def __install_cpld_firmware(self, image_path):
result = False result = False
cmd = FW_INSTALL_CMD_LIST[self.index].format(image_path) cmd = self.__get_cmd(image_path)
ret = os.system(cmd) ret = call(cmd)
if ret == OS_SYSTEM_SUCCESS: if ret == OS_SYSTEM_SUCCESS:
result = True result = True
@ -169,9 +178,9 @@ class Component(ComponentBase):
def __install_bmc_firmware(self, image_path): def __install_bmc_firmware(self, image_path):
result = False result = False
cmd = FW_INSTALL_CMD_LIST[self.index].format(image_path) cmd = self.__get_cmd(image_path)
ret = os.system(cmd) ret = call(cmd)
if ret == OS_SYSTEM_SUCCESS: if ret == OS_SYSTEM_SUCCESS:
result = True result = True
return result return result
@ -200,8 +209,8 @@ class Component(ComponentBase):
logging.error("Not support BIOS index %d", self.index) logging.error("Not support BIOS index %d", self.index)
if ret: if ret:
cmd = FW_INSTALL_CMD_LIST[self.index].format(image_path) cmd = self.__get_cmd(image_path)
ret = os.system(cmd) ret = call(cmd)
if ret == OS_SYSTEM_SUCCESS: if ret == OS_SYSTEM_SUCCESS:
result = True result = True
else: else:

3
platform/barefoot/sonic-platform-modules-netberg/aurora-610/sonic_platform/qsfp.py
View File

@ -8,6 +8,7 @@
try: try:
import os import os
import logging import logging
import subprocess
from ctypes import create_string_buffer from ctypes import create_string_buffer
from sonic_platform_base.sfp_base import SfpBase from sonic_platform_base.sfp_base import SfpBase
from sonic_platform_base.sonic_sfp.sff8436 import sff8436Dom from sonic_platform_base.sonic_sfp.sff8436 import sff8436Dom
@ -131,7 +132,7 @@ class QSfp(SfpBase):
return True return True
def __is_host(self): def __is_host(self):
return os.system("docker > /dev/null 2>&1") == 0 return subprocess.call(["docker"]) == 0
def __get_path_to_port_config_file(self): def __get_path_to_port_config_file(self):
host_platform_root_path = '/usr/share/sonic/device' host_platform_root_path = '/usr/share/sonic/device'

3
platform/barefoot/sonic-platform-modules-netberg/aurora-610/sonic_platform/sfp.py
View File

@ -9,6 +9,7 @@
try: try:
import os import os
import logging import logging
import subprocess
from ctypes import create_string_buffer from ctypes import create_string_buffer
from sonic_platform_base.sfp_base import SfpBase from sonic_platform_base.sfp_base import SfpBase
from sonic_platform_base.sonic_sfp.sff8472 import sff8472Dom from sonic_platform_base.sonic_sfp.sff8472 import sff8472Dom
@ -115,7 +116,7 @@ class Sfp(SfpBase):
return True return True
def __is_host(self): def __is_host(self):
return os.system("docker > /dev/null 2>&1") == 0 return subprocess.call(["docker"]) == 0
def __get_path_to_port_config_file(self): def __get_path_to_port_config_file(self):
host_platform_root_path = '/usr/share/sonic/device' host_platform_root_path = '/usr/share/sonic/device'