minor bug fixes
BenediktMKuehne committed Dec 1, 2023
1 parent c1b3d9b commit 7433f97
Showing 5 changed files with 14 additions and 7 deletions.
6 changes: 3 additions & 3 deletions embark/embark/__init__.py
Expand Up @@ -8,9 +8,9 @@

def check_tz() -> bool:
cmd = "date +%Z"
process = Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE) # nosec
system_tz, _error = process.communicate()
ret_code = process.returncode
with Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE) as process:
system_tz, _error = process.communicate()
ret_code = process.returncode
if ret_code != 0 :
logger.error("check_tz.error: %s", _error)
return False
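Review bot: The `with Popen(cmd, shell=True, stdout=PIPE, stderr=PIPE) as process:` line still routes a fixed command through a shell, and it no longer carries the `# nosec` marker that the bare `Popen(...)` line has, so Bandit's shell check is likely to flag it again. The command contains no shell syntax, so an argument list sidesteps the question: `with Popen(["date", "+%Z"], stdout=PIPE, stderr=PIPE) as process:`. `check_tz` continues past the end of the hunk, so how `system_tz` is used afterwards is not visible here.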
4 changes: 2 additions & 2 deletions embark/porter/importer.py
Expand Up @@ -107,8 +107,8 @@ def f50_csv(file_path, analysis_id):
res.canary_per = int(res_dict.get("canary_per", 0))
res.relro = int(res_dict.get("relro", 0))
res.relro_per = int(res_dict.get("relro_per", 0))
res.no_exec = int(res_dict.get("no_exec", 0))
res.no_exec_per = int(res_dict.get("no_exec_per", 0))
res.no_exec = int(res_dict.get("nx", 0))
res.no_exec_per = int(res_dict.get("nx_per", 0))
res.pie = int(res_dict.get("pie", 0))
res.pie_per = int(res_dict.get("pie_per", 0))
res.stripped = int(res_dict.get("stripped", 0))
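Review bot: Every `res_dict.get(<key>, 0)` in this hunk, including the `"nx"` and `"nx_per"` lookups, turns a missing or renamed CSV column into a stored value of 0, which the dashboard then presents as a real finding rather than as missing data. The `no_exec` / `nx` key mismatch visible in this same hunk suggests that has already happened once. Consider logging absent keys before defaulting, for example `if "nx" not in res_dict: logger.warning("f50_csv: column %s missing", "nx")`, or storing `None` if the model field allows it. `f50_csv` starts and ends outside the hunk, so whether `logger` is in scope there and whether `int()` failures on malformed cells are handled cannot be confirmed from here.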
3 changes: 2 additions & 1 deletion embark/reporter/views.py
Expand Up @@ -57,7 +57,8 @@ def html_report_path(request, analysis_id, html_path, html_file):
if FirmwareAnalysis.objects.filter(id=analysis_id).exists():
analysis = FirmwareAnalysis.objects.get(id=analysis_id)
if analysis.hidden is False or analysis.user == request.user or request.user.is_superuser:
html_body = get_template(report_path)
with open(report_path, 'rb') as requested_file:

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a user-provided value.
html_body = requested_file.read()
logger.debug("html_report - analysis_id: %s path: %s html_file: %s", analysis_id, html_path, html_file)
return HttpResponse(html_body.render({'embarkBackUrl': reverse('embark-ReportDashboard')}))
messages.error(request, "User not authorized")
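Review bot: `html_body` is now the `bytes` object returned by `requested_file.read()`, so the unchanged `html_body.render({'embarkBackUrl': ...})` inside the `return HttpResponse(...)` line will raise `AttributeError` on every authorised request. Either return the file contents directly with `return HttpResponse(html_body)`, accepting that `embarkBackUrl` is no longer injected into the page, or build a template object from the file contents before calling `render`. The view starts and ends outside the hunk, so how `report_path` is assembled is not visible here.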
2 changes: 1 addition & 1 deletion embark/static/scripts/individualReportDashboard.js
Expand Up @@ -191,7 +191,7 @@ get_individual_report().then(function (returnData) {
"High CVE": returnData.cve_high,
"Medium CVE": returnData.cve_medium,
"Low CVE": returnData.cve_low,
"NX disabled binaries": returnData.nx,
"NX disabled binaries": returnData.no_exec,
"RELRO disabled binaries": returnData.relro,
"PIE disabled binaries": returnData.pie,
"Stack canaries disabled binaries": returnData.canary,
6 changes: 6 additions & 0 deletions installer.sh
Expand Up @@ -294,7 +294,13 @@ install_embark_default(){
#Add user for server
if ! cut -d: -f1 /etc/passwd | grep -E www-embark ; then
useradd www-embark -G sudo -c "embark-server-user" -M -r --shell=/usr/sbin/nologin -d /var/www/embark
fi
# emba nopw
if ! grep 'www-embark ALL=(ALL) NOPASSWD: /var/www/emba/emba' /etc/sudoers ; then
echo 'www-embark ALL=(ALL) NOPASSWD: /var/www/emba/emba' | EDITOR='tee -a' visudo
fi
# pkill nopw
if ! grep 'www-embark ALL=(ALL) NOPASSWD: /bin/pkill' /etc/sudoers ; then
echo 'www-embark ALL=(ALL) NOPASSWD: /bin/pkill' | EDITOR='tee -a' visudo
fi
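Review bot: The `NOPASSWD: /bin/pkill` rule has no argument restriction and uses `ALL=(ALL)`, so the `www-embark` service account can signal any process on the host as any user without a password; the entry should pin the run-as user and the exact pkill arguments the server needs. The guards `if ! grep '...' /etc/sudoers` treat the rule text as a regular expression and print the matching line into the installer output, where `grep -qF` would do a quiet fixed-string test. Writing both rules to a drop-in file under `/etc/sudoers.d/` and validating it with `visudo -cf <file>` would also avoid appending to the main sudoers file on each fresh install. The section reports six additions without marking which lines they are, and `install_embark_default` starts and ends outside the hunk.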
