From: Alejandro Vallejo Date: Mon, 25 Sep 2023 17:32:22 +0000 (+0100) Subject: tools/pygrub: Small refactors X-Git-Tag: RELEASE-4.15.6~54 X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=844bcf0274938489caa8e431915c93f01b61b443;p=xen.git tools/pygrub: Small refactors Small tidy up to ensure output_directory always has a trailing '/' to ease concatenating paths and that `output` can only be a filename or None. This is part of XSA-443 / CVE-2023-34325 Signed-off-by: Alejandro Vallejo (cherry picked from commit 9f2ff9a7c9b3ac734ae99f17f0134ed0343dcccf) --- diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub index ce4e07d3e8..1042c05b86 100755 --- a/tools/pygrub/src/pygrub +++ b/tools/pygrub/src/pygrub @@ -793,7 +793,7 @@ if __name__ == "__main__": debug = False not_really = False output_format = "sxp" - output_directory = "/var/run/xen/pygrub" + output_directory = "/var/run/xen/pygrub/" # what was passed in incfg = { "kernel": None, "ramdisk": None, "args": "" } @@ -815,7 +815,8 @@ if __name__ == "__main__": usage() sys.exit() elif o in ("--output",): - output = a + if a != "-": + output = a elif o in ("--kernel",): incfg["kernel"] = a elif o in ("--ramdisk",): @@ -847,12 +848,11 @@ if __name__ == "__main__": if not os.path.isdir(a): print("%s is not an existing directory" % a) sys.exit(1) - output_directory = a + output_directory = a + '/' if debug: logging.basicConfig(level=logging.DEBUG) - try: os.makedirs(output_directory, 0o700) except OSError as e: @@ -861,7 +861,7 @@ if __name__ == "__main__": else: raise - if output is None or output == "-": + if output is None: fd = sys.stdout.fileno() else: fd = os.open(output, os.O_WRONLY)