Eve has a Comparison of Incompatible Types that Results in Invalid State in pyeve/eve

Valid

Reported on

Nov 1st 2022

Description

A conditional statement that always resolves to False.

Proof of Concept

// eve/methods/common.py
        if (
            field in document
            and document[field] is not None
            and document[field] is not []  # Always resolves to False
        ):
            related_links = []

Impact

The nested code block will never execute, resulting in invalid data.

Occurrences

common.py L760

Comparing the value of document[field] to an empty list [] using the is not comparison operator will always resolve to False. The != comparison operator should be used to evaluate this statement.

References

CWE-1024: Comparison of Incompatible Types

We are processing your report and will contact the pyeve/eve team within 24 hours. a year ago

Evan Ottinger submitted a

patch

a year ago

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

Evan Ottinger

commented a year ago

Researcher

Thank you. The issue has been closed. The maintainer has added SECURITY.md to the repository.

We have contacted a member of the pyeve/eve team and are waiting to hear back a year ago

A pyeve/eve maintainer

commented a year ago

Maintainer

Please submit a PR. I'll be happy to review it.

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger

commented a year ago

Researcher

I’ve submitted a patch for your review.

Evan Ottinger

commented a year ago

Researcher

@admin - can you donate my bounty to the maintainer?

We have sent a follow up to the pyeve/eve team. We will try again in 7 days. a year ago

A pyeve/eve maintainer validated this vulnerability a year ago

Evan Ottinger has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

A pyeve/eve maintainer gave praise a year ago

Thank you.

The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1

Evan Ottinger

commented a year ago

Researcher

@maintainer my pleasure!

Evan Ottinger

commented a year ago

Researcher

@admin I would like to request a CVE if this qualifies.

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger

commented a year ago

Researcher

Sorry for the multiple patch submissions...I'm new lol.

Do I still need to create a PR on GitHub?

A pyeve/eve maintainer

commented a year ago

Maintainer

nope, I already patched it. Will release in a couple days.

Evan Ottinger

commented a year ago

Researcher

Great--thank you!

Pavlos

commented a year ago

Admin

@maintainer feel free to mark it as fixed, the report won't be made public :)

A pyeve/eve maintainer marked this as fixed in 2.0.4 with commit 71689d a year ago

Evan Ottinger has been awarded the fix bounty

This vulnerability will not receive a CVE

common.py#L760 has been validated

A pyeve/eve maintainer published this vulnerability a year ago

to join this conversation

We are processing your report and will contact the pyeve/eve team within 24 hours. a year ago

Evan Ottinger submitted a

patch

a year ago

We created a GitHub Issue asking the maintainers to create a SECURITY.md a year ago

Evan Ottinger

commented a year ago

Researcher

Thank you. The issue has been closed. The maintainer has added SECURITY.md to the repository.

We have contacted a member of the pyeve/eve team and are waiting to hear back a year ago

A pyeve/eve maintainer

commented a year ago

Maintainer

Please submit a PR. I'll be happy to review it.

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger

commented a year ago

Researcher

I’ve submitted a patch for your review.

Evan Ottinger

commented a year ago

Researcher

@admin - can you donate my bounty to the maintainer?

We have sent a follow up to the pyeve/eve team. We will try again in 7 days. a year ago

A pyeve/eve maintainer validated this vulnerability a year ago

Evan Ottinger has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

A pyeve/eve maintainer gave praise a year ago

Thank you.

The researcher's credibility has slightly increased as a result of the maintainer's thanks: +1

Evan Ottinger

commented a year ago

Researcher

@maintainer my pleasure!

Evan Ottinger

commented a year ago

Researcher

@admin I would like to request a CVE if this qualifies.

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger submitted a

patch

a year ago

Evan Ottinger

commented a year ago

Researcher

Sorry for the multiple patch submissions...I'm new lol.

Do I still need to create a PR on GitHub?

A pyeve/eve maintainer

commented a year ago

Maintainer

nope, I already patched it. Will release in a couple days.

Evan Ottinger

commented a year ago

Researcher

Great--thank you!

Pavlos

commented a year ago

Admin

@maintainer feel free to mark it as fixed, the report won't be made public :)

A pyeve/eve maintainer marked this as fixed in 2.0.4 with commit 71689d a year ago

Evan Ottinger has been awarded the fix bounty

This vulnerability will not receive a CVE

common.py#L760 has been validated

A pyeve/eve maintainer published this vulnerability a year ago

to join this conversation