
Fix TexManager's support for openin_any = p #23804


Merged
merged 1 commit into from
Sep 7, 2022


jtracey
Contributor

@jtracey jtracey commented Sep 5, 2022

PR Summary

Because of the security implications of being able to read/write arbitrary files, even with user permissions, TeX's path resolution system kpathsea restricts file access by default. While most configs overwrite this with more permissive options, a secure setup (particularly in settings where TeX is being supplied from untrusted inputs) should have openin_any = p in the system's texmf.cnf or equivalent. This setting disallows, among other things, traversal to parent directories.

PR #21414 worked around a problem with paths that contain ~ by traversing through the parent:

f"../{texfile.name}"], tex, cwd=tmpdir)

That code makes it impossible to use TeX with the default settings, even if the TEXMFOUTPUT and MPLCONFIGDIR environment variables are set appropriately to allow it. This PR reorganizes access to the same directory structure to use only child directories, which are allowed.

PR Checklist

Tests and Styling

  • Has pytest style unit tests (and pytest passes).
  • Is Flake 8 compliant (install flake8-docstrings and run flake8 --docstring-convention=all).

Documentation

  • [N/A] New features are documented, with examples if plot related.
  • [N/A] New features have an entry in doc/users/next_whats_new/ (follow instructions in README.rst there).
  • [N/A] API changes documented in doc/api/next_api_changes/ (follow instructions in README.rst there).
  • [N/A] Documentation is sphinx and numpydoc compliant (the docs should build without error).
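
The effect of the paranoid setting on the file names handed to TeX, as an added example that is not Matplotlib's or Kpathsea's own code. It is a simplified model of the policy (no dotfiles, no parent-directory components, absolute paths only below `$TEXMFOUTPUT`); the function names and sample paths are constructed for illustration.

```python
import posixpath


def paranoid_name_ok(fname, texmfoutput=None):
    """Simplified model of the 'p' (paranoid) file-name policy, POSIX paths.

    Assumed rules, following the texmf.cnf description of openin_any and
    openout_any: no dotfiles, no parent-directory components, and absolute
    paths only below $TEXMFOUTPUT.
    """
    for part in fname.split("/"):
        if part == "..":
            return False  # parent traversal, e.g. "../file.tex"
        if part.startswith(".") and part != ".":
            return False  # dotfile or dot-directory
    if posixpath.isabs(fname):
        if not texmfoutput:
            return False
        # Require a full path-component match, not just a string prefix.
        return fname.startswith(texmfoutput.rstrip("/") + "/")
    return True


# Constructed sample arguments: (path as passed to TeX, TEXMFOUTPUT or None).
SAMPLES = [
    ("../file.tex", None),
    ("file.tex", None),
    ("tmpdir/file.tex", None),
    ("/etc/passwd", None),
    ("/srv/texout/file.aux", "/srv/texout"),
    ("/srv/texout-other/file.aux", "/srv/texout"),
    ("/srv/texout/../secret", "/srv/texout"),
]


def audit(samples=SAMPLES):
    """Return {path: allowed} for each constructed sample."""
    return {path: paranoid_name_ok(path, out) for path, out in samples}


if __name__ == "__main__":
    for path, allowed in audit().items():
        print(f"{'allow' if allowed else 'DENY ':5}  {path}")
```

A caller that keeps its working directory above the temporary directory and refers to files by child-relative names stays inside what this policy permits.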

@jtracey jtracey changed the title Fix TexManager's support for openout_any = p Fix TexManager's support for openin_any = p Sep 5, 2022

@github-actions github-actions bot left a comment


Thank you for opening your first PR into Matplotlib!

If you have not heard from us in a while, please feel free to ping @matplotlib/developers or anyone who has commented on the PR. Most of our reviewers are volunteers and sometimes things fall through the cracks.

You can also join us on gitter for real-time discussion.

For details on testing, writing docs, and our review process, please see the developer guide

We strive to be a welcoming and open project. Please follow our Code of Conduct.

The "paranoid" default of Kpathsea (TeX Live's path resolution system)
disallows access to parent directories.
@jtracey jtracey force-pushed the openout_any_paranoid branch from 6810ca8 to 19e6417 Compare September 6, 2022 00:53
@timhoffm timhoffm merged commit f8cf0ee into matplotlib:main Sep 7, 2022
@timhoffm timhoffm added this to the v3.7.0 milestone Sep 7, 2022
@timhoffm
Member

timhoffm commented Sep 7, 2022

@jtracey Thanks and congratulations on your first contribution to Matplotlib. We hope to see you back.

@timhoffm
Member

timhoffm commented Sep 7, 2022

@tacaswell @QuLogic should we backport to 3.6.x? AFAICS as long as we have not released 3.6.0 we cannot port to 3.6.1? Correct?

@QuLogic
Member

QuLogic commented Dec 17, 2022

On what systems or version of TeX is this a problem? I cannot confirm that the given test actually fails without this change.

@jtracey
Contributor Author

jtracey commented Dec 23, 2022

@QuLogic this was a default Debian Stretch install, which right now seems to be using 2020.20210202-3 for the texlive package.

@jtracey
Contributor Author

jtracey commented Dec 24, 2022

Scratch that, even though that's where I came across the bug, it looks like the test does indeed pass in that environment. The test does fail in my dev environment though, which is Ubuntu 20.10, running texlive 2022.20220722-1.

edit to add: I'll take a closer look to see why the test only sometimes fails, given that I see the buggy behavior in both.
