qubes: validate if property value consists of ASCII only earlier

Do this for all standard property types - even if other types do
additional validation, do not expose them to non-ASCII characters.

QubesOS/qubes-issues#2622
This commit is contained in:
Marek Marczykowski-Górecki 2017-06-26 12:55:44 +02:00
parent 65d15e6040
commit 919841635b
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724

View File

@ -331,11 +331,12 @@ class property(object): # pylint: disable=redefined-builtin,invalid-name
# do not treat type='str' as sufficient validation # do not treat type='str' as sufficient validation
if self.type is not None and self.type is not str: if self.type is not None and self.type is not str:
# assume specific type will preform enough validation # assume specific type will preform enough validation
try:
untrusted_newvalue = untrusted_newvalue.decode('ascii',
errors='strict')
except UnicodeDecodeError:
raise qubes.exc.QubesValueError
if self.type is bool: if self.type is bool:
try:
untrusted_newvalue = untrusted_newvalue.decode('ascii')
except UnicodeDecodeError:
raise qubes.exc.QubesValueError
return self.bool(None, None, untrusted_newvalue) return self.bool(None, None, untrusted_newvalue)
else: else:
try: try: