From 8268c1641f968d553141236803f2b2467a477071 Mon Sep 17 00:00:00 2001
From: Steven Hiscocks <steven@hiscocks.me.uk>
Date: Tue, 17 Jun 2014 23:24:23 +0100
Subject: [PATCH] BF: aInfo could be modified by actions, causing unexpected
 behaviour

A separate copy of aInfo is passed to each action
---
 config/action.d/smtp.py    |  2 +-
 fail2ban/server/action.py  |  6 ++++++
 fail2ban/server/actions.py | 14 ++++++++------
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/config/action.d/smtp.py b/config/action.d/smtp.py
index 2d0add8e..86857616 100644
--- a/config/action.d/smtp.py
+++ b/config/action.d/smtp.py
@@ -45,7 +45,7 @@ messages['ban'] = {}
 messages['ban']['head'] = \
 """Hi,
 
-The IP %(ip)s has just been banned for %(bantime)s seconds
+The IP %(ip)s has just been banned for %(bantime)i seconds
 by Fail2Ban after %(failures)i attempts against %(jailname)s.
 """
 messages['ban']['tail'] = \
diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
index fefe2c2c..7464e008 100644
--- a/fail2ban/server/action.py
+++ b/fail2ban/server/action.py
@@ -68,6 +68,9 @@ class CallingMap(MutableMapping):
 	def __init__(self, *args, **kwargs):
 		self.data = dict(*args, **kwargs)
 
+	def __repr__(self):
+		return "%s(%r)" % (self.__class__.__name__, self.data)
+
 	def __getitem__(self, key):
 		value = self.data[key]
 		if callable(value):
@@ -87,6 +90,9 @@ class CallingMap(MutableMapping):
 	def __len__(self):
 		return len(self.data)
 
+	def copy(self):
+		return self.__class__(self.data.copy())
+
 class ActionBase(object):
 	"""An abstract base class for actions in Fail2Ban.
 
diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
index dd68ac13..77cc208d 100644
--- a/fail2ban/server/actions.py
+++ b/fail2ban/server/actions.py
@@ -273,11 +273,12 @@ class Actions(JailThread, Mapping):
 				logSys.notice("[%s] Ban %s" % (self._jail.name, aInfo["ip"]))
 				for name, action in self._actions.iteritems():
 					try:
-						action.ban(aInfo)
+						action.ban(aInfo.copy())
 					except Exception as e:
 						logSys.error(
-							"Failed to execute ban jail '%s' action '%s': %s",
-							self._jail.name, name, e,
+							"Failed to execute ban jail '%s' action '%s' "
+							"info '%r': %s",
+							self._jail.name, name, aInfo, e,
 							exc_info=logSys.getEffectiveLevel()<=logging.DEBUG)
 				return True
 			else:
@@ -321,11 +322,12 @@ class Actions(JailThread, Mapping):
 		logSys.notice("[%s] Unban %s" % (self._jail.name, aInfo["ip"]))
 		for name, action in self._actions.iteritems():
 			try:
-				action.unban(aInfo)
+				action.unban(aInfo.copy())
 			except Exception as e:
 				logSys.error(
-					"Failed to execute unban jail '%s' action '%s': %s",
-					self._jail.name, name, e,
+					"Failed to execute unban jail '%s' action '%s' "
+					"info '%r': %s",
+					self._jail.name, name, aInfo, e,
 					exc_info=logSys.getEffectiveLevel()<=logging.DEBUG)
 
 	@property