-
-
Notifications
You must be signed in to change notification settings - Fork 194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extensible serializers support #209
base: master
Are you sure you want to change the base?
Conversation
1 similar comment
Would it make sense to encode bytes in base64 (or something else) with JSON? Having bytes in an object is a relatively common case and JSON can't serialize bytes. If you look at the example below,
|
All in all, it’s developer’s responsibility, not library’s one. |
I see 2 options for supporting bytes:
|
Just to point out that The special key was Here's an example that's even more clear showing that having
|
My bad, I mean
|
@sh4nks are there any updates? |
I’ve obtained CVE ID (CVE-2021-33026) for this issue. |
Hi, sorry for ignoring this issue for a while. Due to RL I don't have as much time as I'd like for maintenance work. I'll try to take a closer look today or tomorrow. |
Pylibmc also uses pickle by default. @sh4nks maybe we should force (de-)serialize data on our own? |
Revert "Add test_generic_get_bytes" Refs: 6ace510
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
As stated above, we consider the CVE invalid. You'll want to figure out how to mark those as invalid in whatever scanning tool is reporting them to you. Use of pickle on its own isn't a security issue, it would only be an issue if we were loading arbitrary data, which we're not. This repo has recently changed maintainers, and the volunteer maintainers are still trying to find time to start working on various issues. There is a PR in cachelib to support serializer customization, and we will be transitioning flask-caching to use cachelib. |
Is there any way to get the CVE closed? I use flask-caching in a library that I provide to others and I'm not thrilled with people being concerned about getting weekly dependabot notifications for this issue which boils down to "if you let people upload code to your server, they can run it." |
Still not able to close the CVE? My gitlab vulnerability report is also complaining. |
For my projects I ended up just telling dependabot to ignore the CVE on the basis of “risk is tolerable to this project.” That doesn’t help downstream users though. :( |
First of all, thanks for the great work with flask-caching. |
Once #308 is merged, this will need some updates due to cachelib:#63 |
I see only one way to update this according to changes - close the PR and open a new one :) @northernSage may be we can implement common serializers (json, pickle with hmac) in Note about severity: |
self._serializer = serializer | ||
|
||
def dumps(self, obj, *args, **kwargs): | ||
result = self._serializer.dumps(obj, *args, **kwargs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When I set the default serializer in base.py
to json
, many tests failed because they could not serialize bytes to str.
I fixed it with the following, which I think should be included if this BytesSerializer is to work with the JSON serializer properly: NotoriousPyro/flask-caching-json@591f89e#diff-67f94315529cee25fa3dc7c13b27c29fdf9c96fd765156090247b49d587ba08cR16-R17
def dumps(self, obj, *args, **kwargs):
if isinstance(obj, bytes):
obj = obj.decode("UTF-8")
result = self._serializer.dumps(obj, *args, **kwargs)
if isinstance(result, str):
return result.encode()
return result
Hi, are there any updates on how this pull request or the corresponding CVE will be handled in the library? Will other serializers (e.g. json) be offered as @subnix suggested? |
Hi, Any update on when this PR will be merged to reslove this CVE issue ? |
@shahwaizkhan, @rylyade1 We are currently going through an internal refactor process, please see #308 mentioned in my previous comment:
Bear in mind that cachelib (which is now flask-caching's backend) already supports custom/configurable serializers, what is left now is exposing this functionality in a convenient way through flask-caching's API, ongoing in pallets-eco/cachelib#136 (comment) |
Can I get some clarity here, if a user controls the parameters being passed to the memoize function, can they execute code? |
The issue isn't about memoization, it's about the deserialization from the cache, due to its use of Pickle. See https://security.stackexchange.com/a/201243/5176 for an example of such an attack. For an attack like this to work, an attacker must:
Any situation where all 3 of those is true is a situation where the application has larger problems; for example, if someone's able to inject malicious cached rendered pages into a Flask app's cache, then they can make the website say literally anything they want, regardless of whether it involves the execution of remote code. Basically, the Pickle vulnerability follows from a website already being extremely vulnerable (due to conditions 1 and 2 being met). Remote code execution is definitely a bad thing, but in any situation where RCE can be triggered through this (extremely theoretical) vulnerability, there's already bigger problems with the website. |
Hi all, I am looking for solution to the vulnerability for flask-caching. Can you please let me know if there is a solution to use? This is a bit urgent so would appreciate any response. Thank you. Thanks |
This is not really urgent nor an actual vulnerability. The ONLY case where this can be exploited is if your infrastructure is already compromised and an attacker can write arbitrary data to your cache backend. Please see the comment right above yours as well. |
I just submitted an update request to mitre.org with the following description:
|
I forked the repo and made a library extending this that replaces the serializers, though its been a while since I worked on it since we went with Next.js instead. I have no idea if it still works. I think it should even be able to serialize bytes to json, by base64 it... again no guarantees and no warranty... https://github.com/NotoriousPyro/flask-caching-json |
Per pallets-eco/flask-caching#209, this is not considered to be a vulnerability.
Pickle serializer is not secure and may lead to remote code execution or local privilege escalation. If attacker gains access to cache storage (filesystem, memcached, redis) then he can craft special payload, poison the cache and execute python-code. To avoid the attack we can use a safer serializer (eg. JSON).
I’ve added possibility to use any serializer. All changes are backward compatible and default serializer is pickle.
References:
https://cwe.mitre.org/data/definitions/94.html
https://cwe.mitre.org/data/definitions/502.html
https://davidhamann.de/2020/04/05/exploiting-python-pickle/ (attack example)