From 203f3e55339c878e750829588c5430240d3dd486 Mon Sep 17 00:00:00 2001 From: Alejandro Sirgo Rica Date: Thu, 12 Dec 2024 11:20:23 +0100 Subject: live: add additional error checks for shell run Add checks for invalid arguments and permission errors. --- src/live/ogOperations.py | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/live') diff --git a/src/live/ogOperations.py b/src/live/ogOperations.py index a692c01..b1aa731 100644 --- a/src/live/ogOperations.py +++ b/src/live/ogOperations.py @@ -381,6 +381,9 @@ class OgLiveOperations: cmd = request.getrun() is_inline = request.get_inline() + if not cmd: + raise OgError("No command provided for shell run") + self._restartBrowser(self._url_log) if is_inline: @@ -389,6 +392,9 @@ class OgLiveOperations: cmds = shlex.split(cmd) shell_path = '/opt/opengnsys/shell/' + if not cmds: + raise OgError("Parsed shell command list is empty") + try: shell_path_files = os.listdir(shell_path) except OSError as e: @@ -404,6 +410,8 @@ class OgLiveOperations: else: raise OgError(f'Script {cmds[0]} not found in {shell_path}') + if not os.path.isfile(cmds[0]) or not os.access(cmds[0], os.X_OK): + raise OgError(f"Command '{cmds[0]}' is not a valid executable") try: ogRest.proc = subprocess.Popen( cmds, -- cgit v1.2.3-18-g5258