blender
/
blender
136
406
Fork 589
Code Issues 6.2k Pull Requests 759 Projects 19 Wiki Activity

Python: restrict name-space access for restricted evaluation 

From [0], restrict namsepace access to anything with an underscore
prefix since these may be undocumented.

[0]: 00c7e760b3
This commit is contained in:
Campbell Barton 2022-08-02 11:32:25 +02:00 committed by Thomas Dinges
parent c857405c0d
commit ae45931797
Notes: blender-bot 2023-02-14 02:22:07 +01:00 
Referenced by issue #98661, 3.2: Potential candidates for corrective releases
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source/blender/python/intern/bpy_driver.c
View File

@ -359,6 +359,7 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
{
for (int i = 0; i < PyTuple_GET_SIZE(py_code->co_names); i++) {
PyObject *name = PyTuple_GET_ITEM(py_code->co_names, i);
const char *name_str = PyUnicode_AsUTF8(name);
bool contains_name = false;
for (int j = 0; dict_arr[j]; j++) {
@ -368,11 +369,11 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
}
}
if (contains_name == false) {
if ((contains_name == false) || (name_str[0] == '_')) {
fprintf(stderr,
"\tBPY_driver_eval() - restricted access disallows name '%s', "
"enable auto-execution to support\n",
PyUnicode_AsUTF8(name));
name_str);
return false;
}
}