ashb commented on code in PR #68662:
URL: https://github.com/apache/airflow/pull/68662#discussion_r3435634025
##########
airflow-core/src/airflow/serialization/serialized_objects.py:
##########
@@ -662,6 +662,12 @@ def deserialize(cls, encoded_var: Any) -> Any:
exc_cls = import_string(exc_cls_name)
else:
exc_cls = import_string(f"builtins.{exc_cls_name}")
+ # ``exc_cls_name`` comes from the serialized payload. A tampered
blob can name any
+ # importable callable (``os.system``, ``builtins.exec``, ...)
which would then be
+ # invoked with attacker-supplied args. Only accept genuine
exception types, matching
+ # the import-path guards the timetable/window/wait-policy decoders
already apply.
+ if not (isinstance(exc_cls, type) and issubclass(exc_cls,
BaseException)):
Review Comment:
This doesn't defend against all that much -- by validating after the import
has happened, top level module code is executed.
Exactly which case under normal (non malicious) operation serializes an
exception?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
