#31907 closed Bug (fixed)
Inconsistent key validation checks in cache backends.
Description (last modified by ) ¶
The fix for CVE2020-13254 ensured that validate_key()
was called for most cache-related operations to avoid a potential get/set key-clash.
There are some other operations that are not properly validated in some of the backend (sub)classes:
LocMemcache.touch()
BaseMemcachedCache.delete_many()
MemcachedCache.touch()
MemcachedCache.get()
MemcachedCache.delete()
PyLibMCCache.touch()
The fix to this should also include a test to ensure that self.validate_key(key)
is called for all operations to avoid this issue in future.
Note that this was originally raised via the security mailing list, but the decision was to handle this by raising a pull request.
The main concern here is the potential for data loss in the unvalidated delete()
and delete_many()
operations.
Change History (6)
comment:1 by , 5 years ago
Has patch: | set |
---|
comment:2 by , 5 years ago
Description: | modified (diff) |
---|
comment:3 by , 5 years ago
Triage Stage: | Unreviewed → Accepted |
---|
PR