[Bf-blender-cvs] [ae459317974] blender-v3.2-release: Python: restrict name-space access for restricted evaluation
Campbell Barton
noreply at git.blender.org
Tue Aug 2 11:32:47 CEST 2022
Commit: ae4593179745d55e93036902d3fd15045933a253
Author: Campbell Barton
Date: Tue Aug 2 11:32:25 2022 +0200
Branches: blender-v3.2-release
https://developer.blender.org/rBae4593179745d55e93036902d3fd15045933a253
Python: restrict name-space access for restricted evaluation
>From [0], restrict namsepace access to anything with an underscore
prefix since these may be undocumented.
[0]: 00c7e760b323e5fa46703d0e4769c8f1d9c35f2e
===================================================================
M source/blender/python/intern/bpy_driver.c
===================================================================
diff --git a/source/blender/python/intern/bpy_driver.c b/source/blender/python/intern/bpy_driver.c
index a9cc0019783..1712213b612 100644
--- a/source/blender/python/intern/bpy_driver.c
+++ b/source/blender/python/intern/bpy_driver.c
@@ -359,6 +359,7 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
{
for (int i = 0; i < PyTuple_GET_SIZE(py_code->co_names); i++) {
PyObject *name = PyTuple_GET_ITEM(py_code->co_names, i);
+ const char *name_str = PyUnicode_AsUTF8(name);
bool contains_name = false;
for (int j = 0; dict_arr[j]; j++) {
@@ -368,11 +369,11 @@ static bool bpy_driver_secure_bytecode_validate(PyObject *expr_code, PyObject *d
}
}
- if (contains_name == false) {
+ if ((contains_name == false) || (name_str[0] == '_')) {
fprintf(stderr,
"\tBPY_driver_eval() - restricted access disallows name '%s', "
"enable auto-execution to support\n",
- PyUnicode_AsUTF8(name));
+ name_str);
return false;
}
}
More information about the Bf-blender-cvs
mailing list