# HG changeset patch # User aronacher # Date 1190834766 0 # Node ID 4ad264337a500e43b11eeaafe1b8f2be47f301c4 # Parent f4072789fd7d3b52e33a6abff7fbc9f99e2daeb6 some more changes on the sandboxed branch diff --git a/genshi/template/eval.py b/genshi/template/eval.py --- a/genshi/template/eval.py +++ b/genshi/template/eval.py @@ -28,7 +28,7 @@ from genshi.core import Markup from genshi.template.base import TemplateRuntimeError -from genshi.util import flatten, safe_range +from genshi.util import flatten, safe_range, safe_xrange __all__ = ['Code', 'Expression', 'Suite', 'LenientLookup', 'StrictLookup', 'Undefined', 'UndefinedError'] @@ -377,7 +377,14 @@ class RestrictedLookupWrapper(object): """ Special class that wraps a lookup so that insecure accesses result - in undefined. Additionally the globals are secured. + in undefined. Considered insecure are names or attributes starting + with underscores, default function or method attributes, or any + attribute that is listed in the `__genshi_unsafe__` member of the + owning class. + + The attribute and item lookup mechanisms of the wrapped lookup is + used if the attribute is considered safe, names however are always + resolved in the class itself. """ def __init__(self, lookup): @@ -485,17 +492,19 @@ BUILTINS = __builtin__.__dict__.copy() BUILTINS.update({'Markup': Markup, 'Undefined': Undefined}) -# XXX: if we weaken the rule for global name resultion so that leading -# underscores are valid we have to add __import__ here. UNSAFE_NAMES = ['file', 'open', 'eval', 'locals', 'globals', 'vars', 'buffer', 'help', 'quit', 'exit', 'input', 'raw_input', 'setattr', - 'getattr', 'delattr', 'reload', 'compile', 'type', 'intern'] + 'getattr', 'delattr', 'reload', 'compile', 'type', 'intern', + '__import__', ''] SECURE_BUILTINS = BUILTINS.copy() for _unsafe_name in UNSAFE_NAMES: SECURE_BUILTINS.pop(_unsafe_name, None) del _unsafe_name -SECURE_BUILTINS['range'] = safe_range +SECURE_BUILTINS.update( + range=safe_range, + xrange=safe_xrange +) CONSTANTS = frozenset(['False', 'True', 'None', 'NotImplemented', 'Ellipsis']) diff --git a/genshi/util.py b/genshi/util.py --- a/genshi/util.py +++ b/genshi/util.py @@ -245,10 +245,15 @@ return _STRIPTAGS_RE.sub('', text) SAFE_RANGE_MAX = 10000 -def safe_range(*args): - """Save version of a normal range.""" +def safe_xrange(*args): + """Save version of a normal xrange.""" rng = xrange(*args) if len(rng) > SAFE_RANGE_MAX: raise ValueError('cannot generate ranges with more than %d items.' % SAFE_RANGE_MAX) - return list(rng) + return rng + + +def safe_range(*args): + """Save version of a normal range.""" + return list(safe_xrange(*args))