Avoid shell=True in subprocess

'shell=True' has a potential security danger, so
we need avoid this usage.

Refs:
[1] https://security.openstack.org/guidelines/dg_avoid-shell-true.html

Change-Id: I095e69c70f82467211a63323530a0b1753c5b952
Closes-Bug: #1508103
This commit is contained in:
Hai Shi 2017-03-17 16:53:26 +08:00
parent 698cd90c20
commit 60c687e9cd

View File

@ -46,8 +46,9 @@ def generate_urls_list(instances):
def run():
instances = list(get_instances())
urls = generate_urls_list(instances)
out = subprocess.check_output("siege -q -t 60S -b -f %s" % urls,
shell=True, stderr=subprocess.STDOUT)
out = subprocess.check_output(
["siege", "-q", "-t", "60S", "-b", "-f", urls],
stderr=subprocess.STDOUT)
for line in out.splitlines():
m = SIEGE_RE.match(line)
if m: