matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
09d4d3e6e7
sonic-buildimage/platform/mellanox/mlnx-platform-api
History
Mai Bui 648ca075c7
[device/mellanox] Mitigation for security vulnerability (#11877) 
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.
#### Why I did it
`subprocess.Popen()` and `subprocess.check_output()` is used with `shell=True`, which is very dangerous for shell injection.
#### How I did it
Disable `shell=True`, enable `shell=False`
#### How to verify it
Tested on DUT, compare and verify the output between the original behavior and the new changes' behavior.
[testresults.zip](https://github.com/sonic-net/sonic-buildimage/files/9550867/testresults.zip)
2022-10-06 17:51:31 -04:00
..
sonic_platform [device/mellanox] Mitigation for security vulnerability (#11877) 2022-10-06 17:51:31 -04:00
tests [device/mellanox] Mitigation for security vulnerability (#11877) 2022-10-06 17:51:31 -04:00
.gitignore [Mellanox] Refactor Mellanox platform API to support dynamic port configuration (#8422) 2021-10-25 07:59:06 +03:00
pytest.ini [Mellanox] Refactor Mellanox platform API to support dynamic port configuration (#8422) 2021-10-25 07:59:06 +03:00
setup.cfg Add thermal control support for SONiC (#3949) 2020-03-09 10:41:10 -07:00
setup.py [Mellanox] Add NVIDIA Copyright header to "mellanox" files (#8799) 2021-10-17 19:03:02 +03:00