????
Your IP : 18.116.14.96
# -*- coding: utf-8 -*-
#
# This file is part of Glances.
#
# SPDX-FileCopyrightText: 2022 Nicolas Hennion <nicolas@nicolargo.com>
#
# SPDX-License-Identifier: LGPL-3.0-only
#
"""Secures functions for Glances"""
from glances.compat import nativestr
from subprocess import Popen, PIPE
import re
def secure_popen(cmd):
"""A more or less secure way to execute system commands
Multiple command should be separated with a &&
:return: the result of the commands
"""
ret = ''
# Split by multiple commands '&&'
for c in cmd.split('&&'):
ret += __secure_popen(c)
return ret
def __secure_popen(cmd):
"""A more or less secure way to execute system command
Manage redirection (>) and pipes (|)
"""
# Split by redirection '>'
cmd_split_redirect = cmd.split('>')
if len(cmd_split_redirect) > 2:
return 'Glances error: Only one file redirection allowed ({})'.format(cmd)
elif len(cmd_split_redirect) == 2:
stdout_redirect = cmd_split_redirect[1].strip()
cmd = cmd_split_redirect[0]
else:
stdout_redirect = None
sub_cmd_stdin = None
p_last = None
# Split by pipe '|'
for sub_cmd in cmd.split('|'):
# Split by space character, but do no split spaces within quotes
sub_cmd_split = [_ for _ in list(filter(None, re.split(r'(\s+)|(".*?"+?)|(\'.*?\'+?)', sub_cmd))) if _ != ' ']
p = Popen(sub_cmd_split, shell=False, stdin=sub_cmd_stdin, stdout=PIPE, stderr=PIPE)
if p_last is not None:
# Allow p_last to receive a SIGPIPE if p exits.
p_last.stdout.close()
p_last = p
sub_cmd_stdin = p.stdout
p_ret = p_last.communicate()
if nativestr(p_ret[1]) == '':
# No error
ret = nativestr(p_ret[0])
if stdout_redirect is not None:
# Write result to redirection file
with open(stdout_redirect, "w") as stdout_redirect_file:
stdout_redirect_file.write(ret)
else:
# Error
ret = nativestr(p_ret[1])
return ret