CVE-2022-3650: ceph-crash: fix stderr handling

Bug: a77b47eeeb5770eeefcf4619ab2105ee7a6a003e
Signed-off-by: Tim Serong <tserong@suse.com>
Bug-Debian: https://bugs.debian.org/1024932
Origin: upstream, https://github.com/ceph/ceph/commit/45915540559126a652f8d9d105723584cfc63439
Last-Update: 2022-11-28

Popen.communicate() returns a tuple (stdout, stderr), and stderr
will be of type bytes, hence the need to decode it before checking
if it's an empty string or not.

Gbp-Pq: Name CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch

diff --git a/src/ceph-crash.in b/src/ceph-crash.in
index 18d3191d7e1db1aa79b0fdb74467a695566f53cb..c449d86ca312d5ad9c60bbdd47285f7551128044 100755 (executable)
--- a/src/ceph-crash.in
+++ b/src/ceph-crash.in
@@ -50,7 +50,8 @@ def post_crash(path):
             stderr=subprocess.PIPE,
         )
         f = open(os.path.join(path, 'meta'), 'rb')
-        stderr = pr.communicate(input=f.read())
+        (_, stderr) = pr.communicate(input=f.read())
+        stderr = stderr.decode()
         rc = pr.wait()
         f.close()
         if rc != 0 or stderr != "":