[02/11] qemu.py: Avoid dangerous arguments

Message ID	20170720162815.19802-3-ldoktor@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A1E536574B From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Doktor?= <ldoktor@redhat.com> To: ldoktor@redhat.com, apahim@redhat.com, qemu-devel@nongnu.org, famz@redhat.com, armbru@redhat.com, mreitz@redhat.com, ehabkost@redhat.com Date: Thu, 20 Jul 2017 18:28:06 +0200 Message-Id: <20170720162815.19802-3-ldoktor@redhat.com> In-Reply-To: <20170720162815.19802-1-ldoktor@redhat.com> References: <20170720162815.19802-1-ldoktor@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] [PATCH 02/11] qemu.py: Avoid dangerous arguments Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Message ID

20170720162815.19802-3-ldoktor@redhat.com

State

New

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A1E536574B
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Doktor?= <ldoktor@redhat.com>
To: ldoktor@redhat.com, apahim@redhat.com, qemu-devel@nongnu.org,
	famz@redhat.com, armbru@redhat.com, mreitz@redhat.com,
	ehabkost@redhat.com
Date: Thu, 20 Jul 2017 18:28:06 +0200
Message-Id: <20170720162815.19802-3-ldoktor@redhat.com>
In-Reply-To: <20170720162815.19802-1-ldoktor@redhat.com>
References: <20170720162815.19802-1-ldoktor@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PATCH 02/11] qemu.py: Avoid dangerous arguments
Precedence: list
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Commit Message

Lukáš Doktor July 20, 2017, 4:28 p.m. UTC

The list object is mutable in python and potentially might modify other
object's arguments when used as default argument. Reproducer:

    >>> vm1 = QEMUMachine("qemu")
    >>> vm2 = QEMUMachine("qemu")
    >>> vm1._wrapper.append("foo")
    >>> print vm2._wrapper
    ['foo']

In this case the `args` is actually copied so it would be safe to keep
it, but it's not a good practice to keep it.

Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>
---
 scripts/qemu.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Comments

Eduardo Habkost July 20, 2017, 6:19 p.m. UTC | #1

On Thu, Jul 20, 2017 at 06:28:06PM +0200, Lukáš Doktor wrote:
> The list object is mutable in python and potentially might modify other
> object's arguments when used as default argument. Reproducer:
> 
>     >>> vm1 = QEMUMachine("qemu")
>     >>> vm2 = QEMUMachine("qemu")
>     >>> vm1._wrapper.append("foo")
>     >>> print vm2._wrapper
>     ['foo']
> 
> In this case the `args` is actually copied so it would be safe to keep
> it, but it's not a good practice to keep it.
> 
> Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>

Philippe Mathieu-Daudé July 22, 2017, 1:22 a.m. UTC | #2

On 07/20/2017 01:28 PM, Lukáš Doktor wrote:
> The list object is mutable in python and potentially might modify other
> object's arguments when used as default argument. Reproducer:
> 
>      >>> vm1 = QEMUMachine("qemu")
>      >>> vm2 = QEMUMachine("qemu")
>      >>> vm1._wrapper.append("foo")
>      >>> print vm2._wrapper
>      ['foo']
> 
> In this case the `args` is actually copied so it would be safe to keep
> it, but it's not a good practice to keep it.
> 
> Signed-off-by: Lukáš Doktor <ldoktor@redhat.com>

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

> ---
>   scripts/qemu.py | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/scripts/qemu.py b/scripts/qemu.py
> index 191c916..66fd863 100644
> --- a/scripts/qemu.py
> +++ b/scripts/qemu.py
> @@ -23,7 +23,7 @@ import qmp.qmp
>   class QEMUMachine(object):
>       '''A QEMU VM'''
>   
> -    def __init__(self, binary, args=[], wrapper=[], name=None,
> +    def __init__(self, binary, args=None, wrapper=None, name=None,
>                    test_dir="/var/tmp", monitor_address=None,
>                    socket_scm_helper=None, debug=False):
>           '''
> @@ -39,6 +39,10 @@ class QEMUMachine(object):
>           @param debug: enable debug mode (forwarded to QMP helper and such)
>           @note: Qemu process is not started until launch() is used.
>           '''
> +        if args is None:
> +            args = []
> +        if wrapper is None:
> +            wrapper = []
>           if name is None:
>               name = "qemu-%d" % os.getpid()
>           if monitor_address is None:
>

diff --git a/scripts/qemu.py b/scripts/qemu.py
index 191c916..66fd863 100644
--- a/scripts/qemu.py
+++ b/scripts/qemu.py
@@ -23,7 +23,7 @@  import qmp.qmp
 class QEMUMachine(object):
     '''A QEMU VM'''
 
-    def __init__(self, binary, args=[], wrapper=[], name=None,
+    def __init__(self, binary, args=None, wrapper=None, name=None,
                  test_dir="/var/tmp", monitor_address=None,
                  socket_scm_helper=None, debug=False):
         '''
@@ -39,6 +39,10 @@  class QEMUMachine(object):
         @param debug: enable debug mode (forwarded to QMP helper and such)
         @note: Qemu process is not started until launch() is used.
         '''
+        if args is None:
+            args = []
+        if wrapper is None:
+            wrapper = []
         if name is None:
             name = "qemu-%d" % os.getpid()
         if monitor_address is None:

[02/11] qemu.py: Avoid dangerous arguments

Commit Message

Comments

Patch