sonic-buildimage

matthew/sonic-buildimage

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mai Bui	06e1a0bc14	[device/dell] Mitigation for security vulnerability (#11875 ) Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first. #### Why I did it `commands` module is not protected against malicious input `getstatusoutput` is detected without a static string, uses `shell=True` #### How I did it Eliminate the use of `commands` Use `subprocess.run()`, commands in `subprorcess.run()` are totally static Fix indentation #### How to verify it Tested on DUT [dell_log.txt](https://github.com/sonic-net/sonic-buildimage/files/9561332/dell_log.txt)	2023-01-05 16:22:09 -08:00
arunlk-dell	b0b0ba828a	DellEMC: N3248PXE Initial platform commit (#8562 ) Why I did it Added support for the device N3248PXE How I did it Implemented the support for the platform N3248PXE n3248pxe_unit_test_log.txt Switch Vendor: DellEMC * Switch SKU: N3248PXE * ASIC Vendor: Broadcom * SONiC Image: sonic-broadcom.bin How to verify it Verified the show platform commands	2021-09-25 15:35:16 -07:00

Author

SHA1

Message

Date

Mai Bui

06e1a0bc14

[device/dell] Mitigation for security vulnerability (#11875 )

Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.

#### Why I did it
`commands` module is not protected against malicious input
`getstatusoutput` is detected without a static string, uses `shell=True`
#### How I did it
Eliminate the use of `commands`
Use `subprocess.run()`, commands in `subprorcess.run()` are totally static
Fix indentation
#### How to verify it
Tested on DUT
[dell_log.txt](https://github.com/sonic-net/sonic-buildimage/files/9561332/dell_log.txt)

2023-01-05 16:22:09 -08:00

arunlk-dell

b0b0ba828a

DellEMC: N3248PXE Initial platform commit (#8562 )

Why I did it
Added support for the device N3248PXE

How I did it
Implemented the support for the platform N3248PXE
n3248pxe_unit_test_log.txt

Switch Vendor: DellEMC
* Switch SKU: N3248PXE
* ASIC Vendor: Broadcom
* SONiC Image: sonic-broadcom.bin

How to verify it
Verified the show platform commands

2021-09-25 15:35:16 -07:00

2 Commits