镀铬酸钾
@@ -22,20 +22,31 @@ __plugin_meta__ = {
|
||||
"usage": "/code_py - 进入交互模式,等待输入代码块\n/code_py [单行代码] - 快速执行单行代码",
|
||||
}
|
||||
|
||||
# --- 安全配置:危险模块黑名单 ---
|
||||
# --- 安全配置:危险模块和内置函数黑名单 ---
|
||||
DANGEROUS_MODULES = [
|
||||
"os", "sys", "subprocess", "shutil", "socket", "requests", "urllib",
|
||||
"http", "ftplib", "telnetlib", "ctypes", "_thread", "multiprocessing",
|
||||
"asyncio",
|
||||
]
|
||||
DANGEROUS_BUILTINS = [
|
||||
"__import__", "open", "exec", "eval", "compile", "input", "breakpoint"
|
||||
]
|
||||
|
||||
# 编译后的正则表达式,用于分割语句
|
||||
STATEMENT_SPLIT_PATTERN = re.compile(r'[;\n]')
|
||||
# 编译后的正则表达式,用于查找危险的内置函数调用
|
||||
BUILTIN_CALL_PATTERN = re.compile(r'\b(' + '|'.join(DANGEROUS_BUILTINS) + r')\s*\(')
|
||||
|
||||
def is_code_safe(code: str) -> Tuple[bool, str]:
|
||||
"""
|
||||
检查代码中是否包含危险的模块导入。
|
||||
检查代码中是否包含危险的模块导入或内置函数调用。
|
||||
"""
|
||||
# 1. 检查危险的内置函数
|
||||
found_builtins = BUILTIN_CALL_PATTERN.search(code)
|
||||
if found_builtins:
|
||||
return False, f"检测到不允许的内置函数调用:'{found_builtins.group(1)}'"
|
||||
|
||||
# 2. 检查危险的模块导入
|
||||
statements = STATEMENT_SPLIT_PATTERN.split(code)
|
||||
for statement in statements:
|
||||
statement = statement.strip()
|
||||
|
||||
Reference in New Issue
Block a user