]> review.fuel-infra Code Review - openstack-build/cinder-build.git/commit
Code Review / openstack-build / cinder-build.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 3437a37) | patch
Tidy up the SSH call to avoid injection attacks in storwize_svc
authorHaomai Wang <haomai@unitedstack.com>
Wed, 17 Jul 2013 13:36:55 +0000 (21:36 +0800)
committerHaomai Wang <haomai@unitedstack.com>
Wed, 31 Jul 2013 13:50:41 +0000 (21:50 +0800)
commitf752302d181583a95cf44354aea607ce9d9283f4
tree4454407cdd37a7236fd3a9a7cbbfa5c094089aa7tree | snapshot
parent3437a37d1ae86fa256663dc89f9d325514d09bd9commit | diff
Tidy up the SSH call to avoid injection attacks in storwize_svc

Let the command and arguments form up a list and avoid the extra arguments
attackers inserted to the command string

fix bug 1192971

Change-Id: I57b3fe60e64d9d0dc1ea9a18442c877be2ceece3
cinder/exception.py diff | blob | history
cinder/tests/test_storwize_svc.py diff | blob | history
cinder/utils.py diff | blob | history
cinder/volume/drivers/san/san.py diff | blob | history
cinder/volume/drivers/storwize_svc.py diff | blob | history