diff options
| author | Qrius <[email protected]> | 2025-05-06 14:22:33 +0200 |
|---|---|---|
| committer | Qrius <[email protected]> | 2025-05-06 14:23:04 +0200 |
| commit | 77e73d70a9b81a7bbd8e49be52612fc62a9f9502 (patch) | |
| tree | c816ff6a30dee18e2c701cfd83c3e9104e73e333 /src/smp/macro_processor.py | |
| parent | 68f3e45b0c9570e4bdf01147f606f04bda6be310 (diff) | |
| download | skaldpress-77e73d70a9b81a7bbd8e49be52612fc62a9f9502.tar.gz skaldpress-77e73d70a9b81a7bbd8e49be52612fc62a9f9502.zip | |
Disable unsafe code execution by default
Diffstat (limited to 'src/smp/macro_processor.py')
| -rw-r--r-- | src/smp/macro_processor.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/smp/macro_processor.py b/src/smp/macro_processor.py index a473db4..d5f4e8e 100644 --- a/src/smp/macro_processor.py +++ b/src/smp/macro_processor.py @@ -76,6 +76,8 @@ class MacroProcessor: expansion_stack: list[Any] + unsafe_code_execution: bool = False + def __init__(self, prefix=""): self.macros = dict() self.macro_invocations = list() @@ -140,7 +142,7 @@ class MacroProcessor: return self.macros.get(f"{sub_prefix}{macro_name}", default) def _define_metadata(self, macro_name, macro_value): - sub_prefix = (self._get_macro_builtin("metadata_prefix")) + sub_prefix = self._get_macro_builtin("metadata_prefix") self.define_macro(f"{sub_prefix}{macro_name}", macro_value) def log_warning(self, message): @@ -351,7 +353,7 @@ class MacroProcessor: i += 1 continue - if c == "%" and peek == "(": + if self.unsafe_code_execution and c == "%" and peek == "(": state = ParserState.IN_CODE i += 2 state_start = i @@ -499,6 +501,8 @@ class MacroProcessor: elif state == ParserState.IN_CODE: if c == ")" and peek == "%": try: + if not self.unsafe_code_execution: + raise Exception("unsafe code execution now allowed!") self._enter_frame("inline_code", file, linenr, input) f = StringIO() with redirect_stdout(f): |