Handle empty tokens safely (#37961)

Closes #37945
2025-04-17 10:10:20 +00:00 · 2016-11-29 13:29:47 -07:00 · 2016-11-29 13:29:47 -07:00 · 330021cd8b
commit 330021cd8b
parent ea46639ce7
1 changed files with 7 additions and 1 deletions
--- a/salt/daemons/masterapi.py
+++ b/salt/daemons/masterapi.py
@ -13,6 +13,7 @@ import re
 import time
 import stat
 import tempfile
+import msgpack

 # Import salt libs
 import salt.crypt
@ -146,7 +147,12 @@ def clean_expired_tokens(opts):
        for token in filenames:
            token_path = os.path.join(dirpath, token)
            with salt.utils.fopen(token_path) as token_file:
-                token_data = serializer.loads(token_file.read())
+                try:
+                    token_data = serializer.loads(token_file.read())
+                except msgpack.UnpackValueError:
+                    # Bad token file or empty. Remove.
+                    os.remove(token_path)
+                    return
                if 'expire' not in token_data or token_data.get('expire', 0) < time.time():
                    try:
                        os.remove(token_path)