[Bf-blender-cvs] [d03a5fab7a4] blender-v2.93-release: Python: restrict name-space access for restricted evaluation
Campbell Barton
noreply at git.blender.org
Tue Aug 2 10:43:18 CEST 2022
Commit: d03a5fab7a4d0462091c93be52638015240f1afd
Author: Campbell Barton
Date: Tue Aug 2 10:42:39 2022 +0200
Branches: blender-v2.93-release
https://developer.blender.org/rBd03a5fab7a4d0462091c93be52638015240f1afd
Python: restrict name-space access for restricted evaluation
>From [0], restrict namsepace access to anything with an underscore
prefix since these may be undocumented.
[0]: 00c7e760b323e5fa46703d0e4769c8f1d9c35f2e
===================================================================
M source/blender/python/intern/bpy_driver.c
===================================================================
diff --git a/source/blender/python/intern/bpy_driver.c b/source/blender/python/intern/bpy_driver.c
index 33162fdc35c..6c078e4228c 100644
--- a/source/blender/python/intern/bpy_driver.c
+++ b/source/blender/python/intern/bpy_driver.c
@@ -350,6 +350,7 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
{
for (int i = 0; i < PyTuple_GET_SIZE(py_code->co_names); i++) {
PyObject *name = PyTuple_GET_ITEM(py_code->co_names, i);
+ const char *name_str = PyUnicode_AsUTF8(name);
bool contains_name = false;
for (int j = 0; dict_arr[j]; j++) {
@@ -359,11 +360,11 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
}
}
- if (contains_name == false) {
+ if ((contains_name == false) || (name_str[0] == '_')) {
fprintf(stderr,
"\tBPY_driver_eval() - restricted access disallows name '%s', "
"enable auto-execution to support\n",
- PyUnicode_AsUTF8(name));
+ name_str);
return false;
}
}
More information about the Bf-blender-cvs
mailing list