Merge commit from fork

Multiple security hardening fixes

Author: newville

asteval/asteval.py

@@ -44,9 +44,9 @@
 import time
 from sys import exc_info, stderr, stdout
 
-from .astutils import (HAS_NUMPY, UNSAFE_ATTRS, UNSAFE_ATTRS_DTYPES,
+from .astutils import (HAS_NUMPY,
                        ExceptionHolder, ReturnedNone, Empty, make_symbol_table,
-                       numpy, op2func, valid_symbol_name, Procedure)
+                       numpy, op2func, safe_getattr, safe_format, valid_symbol_name, Procedure)
 
 ALL_NODES = ['arg', 'assert', 'assign', 'attribute', 'augassign', 'binop',
              'boolop', 'break', 'bytes', 'call', 'compare', 'constant',
@@ -513,7 +513,7 @@ def on_formattedvalue(self, node): # ('value', 'conversion', 'format_spec')
         fmt = '{__fstring__}'
         if node.format_spec is not None:
             fmt = f'{{__fstring__:{self.run(node.format_spec)}}}'
-        return fmt.format(__fstring__=val)
+        return safe_format(fmt, self.raise_exception, node, __fstring__=val)
 
     def _getsym(self, node):
         val = self.symtable.get(node.id, ReturnedNone)
@@ -573,22 +573,8 @@ def on_attribute(self, node):    # ('value', 'attr', 'ctx')
         sym = self.run(node.value)
         if ctx == ast.Del:
             return delattr(sym, node.attr)
-        #
-        unsafe = (node.attr in UNSAFE_ATTRS or
-                 (node.attr.startswith('__') and node.attr.endswith('__')))
-        if not unsafe:
-            for dtype, attrlist in UNSAFE_ATTRS_DTYPES.items():
-                unsafe = isinstance(sym, dtype) and node.attr in attrlist
-                if unsafe:
-                    break
-        if unsafe:
-            msg = f"no safe attribute '{node.attr}' for {repr(sym)}"
-            self.raise_exception(node, exc=AttributeError, msg=msg)
-        else:
-            try:
-                return getattr(sym, node.attr)
-            except AttributeError:
-                pass
+        
+        return safe_getattr(sym, node.attr, self.raise_exception, node)
 
 
     def on_assign(self, node):    # ('targets', 'value')

asteval/astutils.py

@@ -13,6 +13,7 @@
 from tokenize import ENCODING as tk_ENCODING
 from tokenize import NAME as tk_NAME
 from tokenize import tokenize as generate_tokens
+from string import Formatter
 
 builtins = __builtins__
 if not isinstance(builtins, dict):
@@ -33,6 +34,14 @@
 except ImportError:
     pass
 
+# This is a necessary API but it's undocumented and moved around
+# between Python releases
+try:
+    from _string import formatter_field_name_split
+except ImportError:
+    formatter_field_name_split = lambda \
+        x: x._formatter_field_name_split()
+
 
 
 MAX_EXPONENT = 10000
@@ -59,7 +68,7 @@
                 '__getattribute__', '__subclasshook__', '__new__',
                 '__init__', 'func_globals', 'func_code', 'func_closure',
                 'im_class', 'im_func', 'im_self', 'gi_code', 'gi_frame',
-                'f_locals', '__asteval__')
+                'f_locals', '__asteval__','mro')
 
 # unsafe attributes for particular objects, by type
 UNSAFE_ATTRS_DTYPES = {str: ('format', 'format_map')}
@@ -266,6 +275,45 @@ def safe_lshift(arg1, arg2):
              ast.UAdd: lambda a: +a,
              ast.USub: lambda a: -a}
 
+# Safe version of getattr
+
+def safe_getattr(obj, attr, raise_exc, node):
+    """safe version of getattr"""
+    unsafe = (attr in UNSAFE_ATTRS or
+            (attr.startswith('__') and attr.endswith('__')))
+    if not unsafe:
+        for dtype, attrlist in UNSAFE_ATTRS_DTYPES.items():
+            unsafe = (isinstance(obj, dtype) or obj is dtype) and attr in attrlist
+            if unsafe:
+                break
+    if unsafe:
+        msg = f"no safe attribute '{attr}' for {repr(obj)}"
+        raise_exc(node, exc=AttributeError, msg=msg)
+    else:
+        try:
+            return getattr(obj, attr)
+        except AttributeError:
+            pass
+
+class SafeFormatter(Formatter):
+    def __init__(self, raise_exc, node):
+        self.raise_exc = raise_exc
+        self.node = node
+        super().__init__()
+
+    def get_field(self, field_name, args, kwargs):
+        first, rest = formatter_field_name_split(field_name)
+        obj = self.get_value(first, args, kwargs)
+        for is_attr, i in rest:
+            if is_attr:
+                obj = safe_getattr(obj, i, self.raise_exc, self.node)
+            else:
+                obj = obj[i]
+        return obj, first
+    
+def safe_format(_string, raise_exc, node, *args, **kwargs):
+    formatter = SafeFormatter(raise_exc, node)
+    return formatter.vformat(_string, args, kwargs)                    
 
 def valid_symbol_name(name):
     """Determine whether the input symbol name is a valid name.

tests/test_asteval.py

@@ -1586,6 +1586,47 @@ def my_func(x, y):
     etype, fullmsg = error.get_error()
     assert 'no safe attribute' in error.msg
     assert etype == 'AttributeError'
+    
+@pytest.mark.parametrize("nested", [False, True])
+def test_unsafe_format_string_access(nested):
+    """
+    addressing https://github.com/lmfit/asteval/security/advisories/GHSA-3wwr-3g9f-9gc7
+    """
+    interp = make_interpreter(nested_symtable=nested)
+    interp(textwrap.dedent("""
+            f"{dict:'\\x7B__fstring__.__class__.s\\x7D'}"
+
+     """),  raise_errors=False)
+
+    error = interp.error[0]
+    etype, fullmsg = error.get_error()
+    assert 'no safe attribute' in error.msg
+    assert etype == 'AttributeError'
+    
+@pytest.mark.parametrize("nested", [False, True])
+def test_unsafe_attr_dtypes(nested):
+    """
+    addressing https://github.com/lmfit/asteval/security/advisories/GHSA-3wwr-3g9f-9gc7
+    """
+    interp = make_interpreter(nested_symtable=nested)
+    interp(textwrap.dedent("""
+            '{0}'.format(dict)
+     """),  raise_errors=False)
+
+    error = interp.error[0]
+    etype, fullmsg = error.get_error()
+    assert 'no safe attribute' in error.msg
+    assert etype == 'AttributeError'
+    
+    interp = make_interpreter(nested_symtable=nested)
+    interp(textwrap.dedent("""
+            str.format('{0}', dict)
+     """),  raise_errors=False)
+    
+    error = interp.error[0]
+    etype, fullmsg = error.get_error()
+    assert 'no safe attribute' in error.msg
+    assert etype == 'AttributeError'
 
 
 @pytest.mark.parametrize("nested", [False, True])