laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/pysim/+/34946?usp=email ) Change subject: pySim-shell: Validate that argument to 'apdu' command is proper hexstr ...................................................................... pySim-shell: Validate that argument to 'apdu' command is proper hexstr Let's not even send anything to the card if it's not an even number of hexadecimal digits Change-Id: I58465244101cc1a976e5a17af2aceea1cf9f9b54 --- M pySim-shell.py M pySim/utils.py 2 files changed, 23 insertions(+), 2 deletions(-) git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/46/34946/1 diff --git a/pySim-shell.py b/pySim-shell.py index c2bb15c..d9c9f8c 100755 --- a/pySim-shell.py +++ b/pySim-shell.py @@ -53,7 +53,7 @@ from pySim.cards import card_detect, SimCardBase, UiccCardBase from pySim.utils import h2b, b2h, i2h, swap_nibbles, rpad, JsonEncoder, bertlv_parse_one, sw_match from pySim.utils import sanitize_pin_adm, tabulate_str_list, boxed_heading_str, Hexstr, dec_iccid -from pySim.utils import is_hexstr_or_decimal +from pySim.utils import is_hexstr_or_decimal, is_hexstr from pySim.card_handler import CardHandler, CardHandlerAuto from pySim.filesystem import CardDF, CardADF, CardModel, CardApplication @@ -322,7 +322,7 @@ self.equip(card, rs) apdu_cmd_parser = argparse.ArgumentParser() - apdu_cmd_parser.add_argument('APDU', type=str, help='APDU as hex string') + apdu_cmd_parser.add_argument('APDU', type=is_hexstr, help='APDU as hex string') apdu_cmd_parser.add_argument('--expect-sw', help='expect a specified status word', type=str, default=None) @cmd2.with_argparser(apdu_cmd_parser) diff --git a/pySim/utils.py b/pySim/utils.py index 92bf70f..ea1c9e6 100644 --- a/pySim/utils.py +++ b/pySim/utils.py @@ -1478,3 +1478,12 @@ if len(instr) & 1: raise ValueError('Input has un-even number of hex digits') return instr + +def is_hexstr(instr: str) -> str: + """Method that can be used as 'type' in argparse.add_argument() to validate the value consists of + an even sequence of hexadecimal digits only.""" + if not all(c in string.hexdigits for c in instr): + raise ValueError('Input must be hexadecimal') + if len(instr) & 1: + raise ValueError('Input has un-even number of hex digits') + return instr -- To view, visit https://gerrit.osmocom.org/c/pysim/+/34946?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: pysim Gerrit-Branch: master Gerrit-Change-Id: I58465244101cc1a976e5a17af2aceea1cf9f9b54 Gerrit-Change-Number: 34946 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-MessageType: newchange