Add RETURN_CONST as an allowed _const_code in safeeval (#2352)

erikleffler · peace-maker · web-flow · commit 1b47ae1c202a · 2024-02-20T18:28:20.000Z
* better error message when process creation fails in ssh.process

* add RETURN_CONST as an allowed _const_code in safeeval

* fix lint

* add to changelog

* fix changelog

* add couldn't find python warning

* Deduplicate error message code

---------

Co-authored-by: Peace-Maker &lt;peacemakerctf@gmail.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -92,8 +92,10 @@ The table below shows which release corresponds to each branch, and what date th
 
 ## 4.11.2
 - [#2349][2349] Fix term.readline omitting a trailing \n
+- [#2352][2352] add `RETURN_CONST` as an allowed `_const_code` in safeeval
 
 [2349]: https://github.com/Gallopsled/pwntools/pull/2349
+[2352]: https://github.com/Gallopsled/pwntools/pull/2352
 
 ## 4.11.1 (`stable`)
 
diff --git a/pwnlib/tubes/ssh.py b/pwnlib/tubes/ssh.py
@@ -1074,15 +1074,19 @@ def is_exe(path):
                 python = ssh_process(self, script, tty=True, cwd=cwd, raw=True, level=self.level, timeout=timeout)
 
             try:
-                python.recvline_contains(b'PWNTOOLS')        # Magic flag so that any sh/bash initialization errors are swallowed
-                python.recvline()                           # Python interpreter that was selected
+                python.recvline_contains(b'PWNTOOLS')   # Magic flag so that any sh/bash initialization errors are swallowed
+                try:
+                    if b'python' not in python.recvline():  # Python interpreter that was selected
+                        raise ValueError("Python not found on remote host")
+                except (EOFError, ValueError):
+                    self.warn_once('Could not find a Python interpreter on %s\n' % self.host
+                                   + "Use ssh.system() instead of ssh.process()\n")
+                    h.failure("Process creation failed")
+                    return None
+
                 result = safeeval.const(python.recvline())  # Status flag from the Python script
             except (EOFError, ValueError):
                 h.failure("Process creation failed")
-                self.warn_once('Could not find a Python interpreter on %s\n' % self.host
-                               + "Use ssh.run() instead of ssh.process()\n"
-                                 "The original error message:\n"
-                               + python.recvall().decode())
                 return None
 
             # If an error occurred, try to grab as much output
diff --git a/pwnlib/util/safeeval.py b/pwnlib/util/safeeval.py
@@ -6,7 +6,7 @@
     'BUILD_CONST_KEY_MAP', 'BUILD_STRING',
     'LOAD_CONST','RETURN_VALUE','STORE_SUBSCR', 'STORE_MAP',
     'LIST_TO_TUPLE', 'LIST_EXTEND', 'SET_UPDATE', 'DICT_UPDATE', 'DICT_MERGE',
-    'COPY', 'RESUME',
+    'COPY', 'RESUME', 'RETURN_CONST'
     ]
 
 _expr_codes = _const_codes + [

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@`
`6`	`6`	`'BUILD_CONST_KEY_MAP', 'BUILD_STRING',`
`7`	`7`	`'LOAD_CONST','RETURN_VALUE','STORE_SUBSCR', 'STORE_MAP',`
`8`	`8`	`'LIST_TO_TUPLE', 'LIST_EXTEND', 'SET_UPDATE', 'DICT_UPDATE', 'DICT_MERGE',`
`9`		`- 'COPY', 'RESUME',`
	`9`	`+ 'COPY', 'RESUME', 'RETURN_CONST'`
`10`	`10`	`]`
`11`	`11`
`12`	`12`	`_expr_codes = _const_codes + [`