python.lang.security.audit.conn_recv.multiprocessing-recv
Community Favorite
semgrep
Author
70,993
Download Count*
License
The Connection.recv() method automatically unpickles the data it receives, which can be a security risk unless you can trust the process which sent the message. Therefore, unless the connection object was produced using Pipe() you should only use the recv() and send() methods after performing some sort of authentication. See more dettails: https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection
Run Locally
Run in CI
Defintion
rules:
- id: multiprocessing-recv
languages:
- python
message: "The Connection.recv() method automatically unpickles the data it
receives, which can be a security risk unless you can trust the process
which sent the message. Therefore, unless the connection object was
produced using Pipe() you should only use the recv() and send() methods
after performing some sort of authentication. See more dettails:
https://docs.python.org/3/library/multiprocessing.html?highlight=security\
#multiprocessing.connection.Connection"
metadata:
cwe:
- "CWE-502: Deserialization of Untrusted Data"
owasp:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
references:
- https://docs.python.org/3/library/multiprocessing.html?highlight=security#multiprocessing.connection.Connection
category: security
technology:
- python
cwe2022-top25: true
cwe2021-top25: true
subcategory:
- audit
likelihood: LOW
impact: LOW
confidence: LOW
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
vulnerability_class:
- "Insecure Deserialization "
pattern-either:
- pattern: multiprocessing.connection.Connection.recv(...)
- pattern: multiprocessing.connection.Client.recv(...)
- pattern: |
$C = multiprocessing.connection.Client(...)
...
$C.recv(...)
severity: WARNING
Examples
conn_recv.py
import multiprocessing
import multiprocessing.connection
rx = multiprocessing.connection.Client(('localhost', 12345)).recv()
# ruleid: multiprocessing-recv
connection = multiprocessing.connection.Client(
('localhost', 12345),
)
output = {}
connection.send(output)
# toodoruleid:multiprocessing.recv
rx = connection.recv()
Short Link: https://sg.run/x1lz