From: Jason Ish <jason.ish@oisf.net>
Date: Sun, 12 Dec 2021 20:18:15 +0000 (-0600)
Subject: runner: make env string safe before substitution
X-Git-Tag: suricata-6.0.5~55
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F606%2Fhead;p=thirdparty%2Fsuricata-verify.git

runner: make env string safe before substitution

The environment cannot always be used safely with
string.Template as not all environment variables
are string safe.

Before substituting environment vars in the command
and args, sanitized to string safe values.
---

diff --git a/run.py b/run.py
index cac453093..522d953cd 100755
--- a/run.py
+++ b/run.py
@@ -610,6 +610,10 @@ class TestRunner:
 
         env = self.build_env()
 
+        safe_env = {}
+        for key in env:
+            safe_env[key] = str(env[key])
+
         if "count" in self.config:
             count = self.config["count"]
         else:
@@ -633,10 +637,10 @@ class TestRunner:
 
             if shell:
                 template = string.Template(args)
-                cmdline = template.substitute(env)
+                cmdline = template.substitute(safe_env)
             else:
                 for a in range(len(args)):
-                    args[a] = string.Template(args[a]).substitute(env)
+                    args[a] = string.Template(args[a]).substitute(safe_env)
                 cmdline = " ".join(args) + "\n"
 
             open(os.path.join(self.output, "cmdline"), "w").write(cmdline)