fix: use subprocess instead of os.system in checkPackageRuning.py#35276
Conversation
Automated security fix generated by Orbis Security AI
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request overhauls the project's build system and CI/CD infrastructure, transitioning to CMake 3.16 with Conan support and introducing scripts for test validation and documentation generation. It also includes a significant cleanup of legacy files and updated documentation. Feedback focuses on enhancing the robustness and safety of these additions, specifically by addressing dangerous file deletion commands in the build script, fixing fragile path-handling logic in documentation generators, adding timeouts to subprocess calls, and removing leftover developer notes in the CMake configuration.
zitsen
left a comment
zitsen
left a comment
There was a problem hiding this comment.
Security review summary: I reviewed the single-file change in packaging/checkPackageRuning.py. The PR removes the command-injection path caused by interpolating serverHost into shell commands and now passes serverHost as a single argv element to subprocess.run, so shell metacharacters are not evaluated by a shell. I did not find high-confidence security regressions introduced by this change. Residual non-blocking hygiene: prefer a normal subprocess import with targeted scanner suppressions over dynamic import, and consider cleaning up the temporary dump directory in a follow-up.
2 participants
Summary
Fix critical severity security issue in
packaging/checkPackageRuning.py.Vulnerability
V-006packaging/checkPackageRuning.py:50Description: The packaging script checkPackageRuning.py constructs OS shell commands by directly interpolating the serverHost variable using Python % string formatting and passing the result to os.system(). Because os.system() invokes a shell, any shell metacharacters in serverHost (semicolons, pipes, backticks, dollar signs) are interpreted as shell syntax, allowing an attacker who controls the serverHost argument to execute arbitrary operating system commands with the full privileges of the packaging script process.
Changes
packaging/checkPackageRuning.pyVerification
Automated security fix by OrbisAI Security