naruto-lgtm opened a new pull request, #68662: URL: https://github.com/apache/airflow/pull/68662
`BaseSerialization.deserialize` rebuilds `AIRFLOW_EXC_SER`/`BASE_EXC_SER` payloads by feeding `exc_cls_name` straight into `import_string` and then calling the result as `exc_cls(*args, **kwargs)`, with the class name and arguments all taken from the serialized blob. A tampered payload can name any importable callable (`os.system`, `builtins.exec`, `builtins.eval`, ...) and have it invoked with attacker-chosen arguments, so anything that deserializes a crafted object runs arbitrary code, including the scheduler reading a serialized Dag where user code is never meant to run.

The decoders for timetables, windows and wait policies already refuse non-core import paths before handing them to `import_string`; the exception branch was the gap. This checks that the resolved object is a real exception type before instantiating it and raises `DeserializationError` otherwise. Putting the check next to the import keeps both exception branches covered in one place, and legitimate `AirflowException`/`KeyError`/`AttributeError` round-trips are unaffected.

---

##### Was generative AI tooling used to co-author this PR?

- [ ] Yes (please specify the tool below)

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
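
The pattern the PR describes, as an added example that is not part of the PR or of Airflow's own code: a stand-in for the exception branch of `deserialize`, first in the pre-fix form that calls whatever `exc_cls_name` resolves to, then with the "is this actually an exception type" check in front of the instantiation. The `import_string` stand-in, the payload dictionary shape (`exc_cls_name`, `args`, `kwargs`), the `DeserializationError` class and the sample payloads are all assumptions made for this illustration; the tampered payload names `builtins.eval` with a deliberately harmless expression so the code-execution effect is visible without doing damage.

```python
"""Added example, not Airflow's code: the unsafe exception-rebuild branch
beside a hardened one.  Helper names, payload shape and DeserializationError
are assumptions for this illustration."""
import importlib


class DeserializationError(ValueError):
    """Raised when a serialized exception payload cannot be trusted."""


def import_string(dotted_path: str):
    """Minimal stand-in for an import_string helper: 'pkg.mod.Name' -> object."""
    module_path, sep, name = dotted_path.rpartition(".")
    if not sep:
        raise ImportError(f"{dotted_path!r} is not a dotted path")
    return getattr(importlib.import_module(module_path), name)


def deserialize_exception_unsafe(payload: dict):
    """Pre-fix behaviour: whatever exc_cls_name resolves to gets called."""
    exc_cls = import_string(payload["exc_cls_name"])
    return exc_cls(*payload.get("args", []), **payload.get("kwargs", {}))


def deserialize_exception_safe(payload: dict):
    """Hardened branch: only a real exception class may be instantiated."""
    name = payload.get("exc_cls_name")
    if not isinstance(name, str):
        raise DeserializationError("exc_cls_name must be a string")
    try:
        exc_cls = import_string(name)
    except (ImportError, AttributeError) as err:
        raise DeserializationError(f"cannot import {name!r}") from err
    # The check that closes the gap: the resolved object must be a class and a
    # subclass of BaseException.  os.system, builtins.eval, a plain function or
    # a module attribute all fail here, before anything is called.
    if not (isinstance(exc_cls, type) and issubclass(exc_cls, BaseException)):
        raise DeserializationError(f"{name!r} is not an exception type")
    return exc_cls(*payload.get("args", []), **payload.get("kwargs", {}))


def is_rejected(payload: dict) -> bool:
    """True if the hardened decoder refuses the payload."""
    try:
        deserialize_exception_safe(payload)
    except DeserializationError:
        return True
    return False


# Constructed sample payloads (shape is an assumption, not Airflow's format).
BENIGN_PAYLOAD = {"exc_cls_name": "builtins.KeyError", "args": ["missing_key"]}
# Tampered: names eval instead of an exception class.  The expression is
# harmless on purpose; os.system with a shell string would work the same way.
TAMPERED_PAYLOAD = {"exc_cls_name": "builtins.eval", "args": ["2 ** 10"]}
# Importable but not a class at all.
NOT_A_CLASS_PAYLOAD = {"exc_cls_name": "os.path.join", "args": ["a", "b"]}


if __name__ == "__main__":
    print(repr(deserialize_exception_unsafe(BENIGN_PAYLOAD)))  # KeyError('missing_key')
    print(deserialize_exception_unsafe(TAMPERED_PAYLOAD))       # 1024: eval ran
    print(repr(deserialize_exception_safe(BENIGN_PAYLOAD)))     # KeyError('missing_key')
    for p in (TAMPERED_PAYLOAD, NOT_A_CLASS_PAYLOAD):
        print(p["exc_cls_name"], "rejected:", is_rejected(p))   # True, True
```

The check sits immediately after the import rather than in each caller, which is the same placement the PR argues for: every path that resolves `exc_cls_name` passes through it, and a legitimate `KeyError` round-trip still produces a `KeyError` with its original `args`. A stricter variant would additionally allowlist module prefixes, as the timetable decoders already do, but the type check alone is what turns the `builtins.eval` payload from code execution into a `DeserializationError`.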
