fix: CWE-23 detected by Snyk in apply_spec_filters

- RHINENG-14792, RHINENG-14796 Signed-off-by: Xiangce Liu <[email protected]>
RedHatInsights · Jan 15, 2025 · 6daa698 · 6daa698
1 parent c530404
commit 6daa698
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/insights/tests/tools/test_apply_spec_filters.py b/insights/tests/tools/test_apply_spec_filters.py
@@ -65,6 +65,9 @@
 
 
 def setup_function():
+    filters._CACHE = {}
+    filters.FILTERS = defaultdict(dict)
+
     filters.add_filter(Specs.ps_alxwww, ['COMMAND', 'CMD'])
     filters.add_filter(Specs.ps_aux, 'COMMAND')
     filters.add_filter(Specs.yum_conf, '[')

diff --git a/insights/tools/apply_spec_filters.py b/insights/tools/apply_spec_filters.py
@@ -52,6 +52,7 @@ def apply_filters(_format, _plugins, output=None):
             )
             filters.dump()
         else:
+            yaml_path = os.path.realpath(yaml_path)
             logger.info("Output filters to '{0}'".format(yaml_path))
             with open(yaml_path, 'w') as fp:
                 filters.dump(fp)
@@ -62,6 +63,7 @@ def apply_filters(_format, _plugins, output=None):
             logger.error("Provide uploader.json location to load and output.")
             return 1
 
+        json_path = os.path.realpath(json_path)
         if not os.path.exists(json_path):
             logger.error("Provided '{0}' path does not exist.".format(json_path))
             return 1
@@ -85,12 +87,12 @@ def apply_filters(_format, _plugins, output=None):
         uploader_json["version"] = datetime.now().isoformat()
 
         pattern = re.compile(",")
-        output = "\n".join(
+        json_content = "\n".join(
             pattern.sub(",", l) for l in json.dumps(uploader_json, indent=4).splitlines()
         )
 
         with open(json_path, "w") as fp:
-            fp.write(output)
+            fp.write(json_content)
     return 0