saltstack-formulas / snmp-formula

http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html

[BUG] Unsafe Jinja no longer works with v3002.5 #40

Closed doubletwist13 closed 3 years ago

doubletwist13 commented 3 years ago

Your setup

Formula commit hash / release tag

commit 1a0a422981ee5087c3a3565b32171accf4163899

Versions reports (master & minion)

Salt Version:
  Salt: 3002.5

Dependency Versions:
  cffi: Not Installed
  cherrypy: unknown
  dateutil: Not Installed
  docker-py: Not Installed
  gitdb: 0.6.4
  gitpython: 1.0.1
  Jinja2: 2.11.1
  libgit2: Not Installed
  M2Crypto: 0.35.2
  Mako: Not Installed
  msgpack: 0.6.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
  pycparser: Not Installed
  pycrypto: Not Installed
  pycryptodome: Not Installed
  pygit2: Not Installed
  Python: 3.6.8 (default, Nov 11 2020, 09:19:43)
  python-gnupg: Not Installed
  PyYAML: 5.1.2
  PyZMQ: 17.0.0
  smmap: 0.9.0
  timelib: Not Installed
  Tornado: 4.5.3
  ZMQ: 4.1.4

System Versions:
  dist: ol 7.9
  locale: UTF-8
  machine: x86_64
  release: 5.4.17-2036.103.3.1.el7uek.x86_64
  system: Linux
  version: Oracle Linux Server 7.9

Pillar / config used

snmp:
  conf:
    syscontact: 'mycontact@example.com'
    rocommunities:
      somerocommunity:
        source:
          - x.x.x.x
    location: somelocation

Bug details

Formula fails with Jinja errors about unsafe objects in v3002.5, likely due to the fix for CVE-2021-25283. The issue appears to be in macros.jinja.

----------
          ID: snmp_conf
    Function: file.managed
        Name: /etc/snmp/snmpd.conf
      Result: False
     Comment: An exception occurred in this state: Traceback (most recent call last):
                File "/usr/lib/python3.6/site-packages/salt/utils/templates.py", line 501, in render_jinja_tmpl
                  output = template.render(**decoded_context)
                File "/usr/lib/python3.6/site-packages/jinja2/environment.py", line 1090, in render
                  self.environment.handle_exception()
                File "/usr/lib/python3.6/site-packages/jinja2/environment.py", line 832, in handle_exception
                  reraise(*rewrite_traceback_stack(source=source))
                File "/usr/lib/python3.6/site-packages/jinja2/_compat.py", line 28, in reraise
                  raise value.with_traceback(tb)
                File "<template>", line 164, in top-level template code
                File "/usr/lib/python3.6/site-packages/jinja2/sandbox.py", line 462, in call
                  return __context.call(__obj, *args, **kwargs)
                File "/usr/lib/python3.6/site-packages/jinja2/runtime.py", line 679, in _invoke
                  rv = self._func(*arguments)
                File "/var/cache/salt/minion/files/base/snmp/macros.jinja", line 5, in template
                  {% set communities = conf.get(mode+'communities'+proto, []) -%}
              jinja2.exceptions.SecurityError: access to attribute '__class__' of 'dict' object is unsafe.

              During handling of the above exception, another exception occurred:

              Traceback (most recent call last):
                File "/usr/lib/python3.6/site-packages/salt/state.py", line 2154, in call
                  *cdata["args"], **cdata["kwargs"]
                File "/usr/lib/python3.6/site-packages/salt/loader.py", line 2106, in wrapper
                  return f(*args, **kwargs)
                File "/usr/lib/python3.6/site-packages/salt/states/file.py", line 3149, in managed
                  **kwargs
                File "/usr/lib/python3.6/site-packages/salt/modules/file.py", line 5403, in check_managed_changes
                  **kwargs
                File "/usr/lib/python3.6/site-packages/salt/modules/file.py", line 4661, in get_managed
                  **kwargs
                File "/usr/lib/python3.6/site-packages/salt/utils/templates.py", line 261, in render_tmpl
                  output = render_str(tmplstr, context, tmplpath)
                File "/usr/lib/python3.6/site-packages/salt/utils/templates.py", line 519, in render_jinja_tmpl
                  "Jinja syntax error: {}{}".format(exc, out), line, tmplstr
              salt.exceptions.SaltRenderError: Jinja syntax error: access to attribute '__class__' of 'dict' object is unsafe.
              /var/cache/salt/minion/files/base/snmp/macros.jinja(5):
              ---
              {% from "snmp/conf.jinja" import conf with context -%}

              {# mode can be either 'ro' or 'rw' #}
              {%- macro v12c_communities(mode, proto='') -%}
                {% set communities = conf.get(mode+'communities'+proto, []) -%}    <======================
                {%- for community in communities %}
                  {%- if communities.__class__ == {}.__class__ and communities.get(community, {}) is  mapping %}
                    {%- set source = communities.get(community).get('source', '') %}
                    {%- set view = communities.get(community).get('view', None) %}
                  {%- else %}
              [...]
              ---
     Started: 22:45:50.434915
    Duration: 670.872 ms
     Changes:   

Steps to reproduce the bug

salt '*' state.apply snmp.conf

Expected behaviour

Expect states to apply without error

Attempts to fix the bug

N/A

Additional context

N/A
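The sandbox rejection shown in the traceback above, reproduced outside Salt as an added example (not code from snmp-formula or its maintainers): it renders the macro's `__class__` type check under jinja2's SandboxedEnvironment, which Salt 3002.5 switched to, and shows the same check rewritten with Jinja's built-in `mapping` test. It assumes Salt's default of StrictUndefined and that the jinja2 package is installed.

```python
"""Sandbox check for the macros.jinja type test quoted in the issue.

Added example, not code from snmp-formula. Salt 3002.5 renders Jinja with
jinja2.sandbox.SandboxedEnvironment and (by default) jinja2.StrictUndefined;
both facts are assumptions drawn from salt/utils/templates.py. Only the
jinja2 package is required.
"""
from jinja2 import StrictUndefined, Undefined
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# The `if` test as written in macros.jinja: it reaches for `__class__`,
# a dunder attribute the sandbox refuses to expose on any object.
UNSAFE_CHECK = (
    "{{ communities.__class__ == {}.__class__"
    " and communities.get(community, {}) is mapping }}"
)
# Same intent with Jinja's built-in `mapping` test: isinstance() under the
# hood, so no attribute access and nothing for the sandbox to reject.
SAFE_CHECK = "{{ communities is mapping and communities.get(community, {}) is mapping }}"

# Constructed pillar fragment mirroring the issue's `rocommunities` entry.
COMMUNITIES = {"somerocommunity": {"source": ["x.x.x.x"]}}


def render(src, strict=True, communities=COMMUNITIES, community="somerocommunity"):
    """Render `src` the way Salt does (sandboxed; StrictUndefined unless
    strict=False). Returns the rendered text, or "SecurityError" when the
    sandbox blocks the template."""
    env = SandboxedEnvironment(undefined=StrictUndefined if strict else Undefined)
    try:
        tmpl = env.from_string(src)
        return tmpl.render(communities=communities, community=community).strip()
    except SecurityError:
        return "SecurityError"


if __name__ == "__main__":
    # Strict (Salt's default): the original line fails exactly as in the report.
    print("unsafe, strict:    ", render(UNSAFE_CHECK))  # SecurityError
    # Plain Undefined: no error, but the comparison is Undefined == Undefined,
    # so the "is this a dict" check silently becomes meaningless.
    print("unsafe, non-strict:", render(UNSAFE_CHECK, strict=False))  # True
    print("safe, dict pillar: ", render(SAFE_CHECK))  # True
    print("safe, list pillar: ", render(SAFE_CHECK, communities=["a"], community="a"))  # False
```

The non-strict case is the reason the check was never caught earlier: without StrictUndefined the blocked attribute quietly becomes an Undefined value and the comparison passes.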

myii commented 3 years ago

Thanks for the report, @doubletwist13. At least all of these lines are going to have to be adjusted:

myii commented 3 years ago

@doubletwist13 Would you mind testing the fix proposed in #41? If you get a chance, please post your feedback there.