From 2cb659b1a12f48841bd1dfeeeee836634bab636f Mon Sep 17 00:00:00 2001
From: Andrew Murray
Date: Sat, 28 Oct 2023 15:59:21 +1100
Subject: [PATCH] Include further builtins

---
 Tests/test_imagemath.py | 5 +++++
 src/PIL/ImageMath.py    | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py
index ded8c00111f..0e09607cab8 100644
--- a/Tests/test_imagemath.py
+++ b/Tests/test_imagemath.py
@@ -68,6 +68,11 @@ def test_prevent_double_underscores():
         ImageMath.eval("1", {"__": None})
 
 
+def test_prevent_builtins():
+    with pytest.raises(ValueError):
+        ImageMath.eval("(lambda: exec('exit()'))()", {"exec": None})
+
+
 def test_logical():
     assert pixel(ImageMath.eval("not A", images)) == 0
     assert pixel(ImageMath.eval("A and B", images)) == "L 2"
diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py
index 350ef7a0408..4c7584fa1c8 100644
--- a/src/PIL/ImageMath.py
+++ b/src/PIL/ImageMath.py
@@ -238,7 +238,7 @@ def eval(expression, _dict={}, **kw):
     # build execution namespace
     args = ops.copy()
     for k in list(_dict.keys()) + list(kw.keys()):
-        if "__" in k or hasattr(__builtins__, k):
+        if "__" in k or hasattr(builtins, k):
             msg = f"'{k}' not allowed"
             raise ValueError(msg)
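Review bot: The new test in test_prevent_builtins asserts only that some ValueError is raised, which does not distinguish the namespace-key filter from any other ValueError `ImageMath.eval` may raise; pin the message with `with pytest.raises(ValueError, match="'exec' not allowed"):` so the test fails if the rejection stops coming from the key check. The key check in `eval` appears to run while the execution namespace is built, i.e. before the expression string is evaluated, so the lambda expression never executes here and reads as if it were the thing under test; a plain `"1"`, matching `test_prevent_double_underscores` directly above, would make the intent clearer. Parametrizing the test over a couple of builtin names besides `exec` would exercise the `hasattr(builtins, k)` branch more broadly than a single name does.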
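Review bot: The changed line `if "__" in k or hasattr(builtins, k):` deserves a comment explaining why the `builtins` module is used instead of `__builtins__`, because the old form looks equivalent and is easy to reintroduce in a later cleanup: `__builtins__` is the builtins module only when code runs in `__main__` and is a plain dict in an imported module, where `hasattr` on it is false for every builtin name and the guard silently never fired. Suggested: `# use the builtins module, not __builtins__: the latter is a dict outside __main__, so hasattr() on it misses every builtin name`. The hunk does not show an `import builtins`, and the diffstat records only one insertion in this file, so the import presumably already exists at the top of the module — worth confirming, since a missing import would turn the guard into a NameError. The guard remains a name-based denylist on the keys of `_dict` and `kw` (double underscores and builtin names) and does not inspect the bound values, so the namespace handed to `eval` stays exactly as trusted as its caller; `eval` starts and ends outside the hunk.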