matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
c7ecd92c54
sonic-buildimage/device/nokia/armhf-nokia_ixs7215_52x-r0/plugins/eeprom.py
Mai Bui 2b3e884209
[nokia] Replace os.system and remove subprocess with shell=True (#12100) 
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065)
#### Why I did it
`subprocess.Popen()` and `subprocess.run()` is used with `shell=True`, which is very dangerous for shell injection.
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content
`getstatusoutput` is dangerous because it contains `shell=True` in the implementation
#### How I did it
Replace `os` by `subprocess`, use with `shell=False`
Remove unused functions
2022-12-01 12:12:50 -05:00

17 lines
576 B
Python
Raw Blame History

try:
import os
from sonic_eeprom import eeprom_tlvinfo
except ImportError as e:
raise ImportError(str(e) + "- required module not found")
class board(eeprom_tlvinfo.TlvInfoDecoder):
def __init__(self, name, path, cpld_root, ro):
self.eeprom_path = "/sys/class/i2c-adapter/i2c-0/0-0053/eeprom"
if not os.path.exists(self.eeprom_path):
file = "/sys/class/i2c-adapter/i2c-0/new_device"
with open(file, 'w') as f:
f.write('24c02 0x53\n')
super(board, self).__init__(self.eeprom_path, 0, '', True)
Reference in New Issue View Git Blame Copy Permalink