Skip to content

Potential fix for code scanning alert no. 2: Uncontrolled command line #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
sys-vdms wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Potential fix for code scanning alert no. 2: Uncontrolled command line #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions video/info.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def check_origin(self, origin):
def _get_info(self, video):
width = height = duration = fps = nb_frames = 0

input_path = safely_join_path(self._mp4path, video)
cmd = [
"/usr/local/bin/ffprobe",
"-v",
Expand All @@ -33,7 +34,7 @@ def _get_info(self, video):
"-count_frames",
"-show_streams",
"-i",
safely_join_path(self._mp4path, video),
input_path,
]
with Popen(
cmd, stdout=PIPE, stderr=STDOUT, bufsize=1, universal_newlines=True
Expand All @@ -56,8 +57,9 @@ def _get_info(self, video):
fps = float(eq[0]) / float(eq[1])
if line.startswith("nb_read_frames="):
nb_frames = int(line.split("=")[-1])
p.stdout.close()
p.wait()
if p.returncode != 0:
raise RuntimeError(f"ffprobe failed for input {input_path!r} with code {p.returncode}")
if fps == 0 and (nb_frames != 0 and duration != 0):
fps = nb_frames / duration
return {
Expand Down
10 changes: 9 additions & 1 deletion video/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import os

import re

def safely_join_path(base_dir, add_path):
safe_base = os.path.abspath(base_dir)
Expand Down Expand Up @@ -34,5 +34,13 @@ def validate_video_name(name):
raise ValueError("Video name cannot be empty")
# Disallow path separators to ensure this is just a file name.
if os.sep in cleaned or "/" in cleaned or "\\" in cleaned:
# Restrict the video name to a safe subset of characters to avoid
# passing arbitrary strings to external commands.
# Allow letters, digits, underscore, hyphen and dot, and disallow
# leading dot to avoid hidden or special files.
if cleaned.startswith("."):
raise ValueError(f"Invalid video name: {cleaned}")
if not re.fullmatch(r"[A-Za-z0-9._-]+", cleaned):
raise ValueError(f"Invalid video name: {cleaned}")
raise ValueError(f"Invalid video name: {cleaned}")
return cleaned