Python: restrict name-space access for restricted evaluation
From [0], restrict namsepace access to anything with an underscore
prefix since these may be undocumented.
[0]: 00c7e760b3
This commit is contained in:
parent
c857405c0d
commit
ae45931797
Notes:
blender-bot
2023-02-14 02:22:07 +01:00
Referenced by issue #98661, 3.2: Potential candidates for corrective releases
|
@ -359,6 +359,7 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
|
|||
{
|
||||
for (int i = 0; i < PyTuple_GET_SIZE(py_code->co_names); i++) {
|
||||
PyObject *name = PyTuple_GET_ITEM(py_code->co_names, i);
|
||||
const char *name_str = PyUnicode_AsUTF8(name);
|
||||
|
||||
bool contains_name = false;
|
||||
for (int j = 0; dict_arr[j]; j++) {
|
||||
|
@ -368,11 +369,11 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
|
|||
}
|
||||
}
|
||||
|
||||
if (contains_name == false) {
|
||||
if ((contains_name == false) || (name_str[0] == '_')) {
|
||||
fprintf(stderr,
|
||||
"\tBPY_driver_eval() - restricted access disallows name '%s', "
|
||||
"enable auto-execution to support\n",
|
||||
PyUnicode_AsUTF8(name));
|
||||
name_str);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue