OpenSource
/
ragflow
關注 4
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 33 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3622 提交
7 分支
目錄樹: 79481becea
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '79481becea'
${ noResults }
ragflow/sandbox/executor_manager/services/security.py

security.py 7.6KB
原始文件 Normal View 歷史記錄

Feat: add code_executor_manager (#7814) ### What problem does this PR solve? Add code_executor_manager. #4977. ### Type of change - [x] New Feature (non-breaking change which adds functionality)
5 月之前
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173 
  1. #

  2. #  Copyright 2025 The InfiniFlow Authors. All Rights Reserved.

  3. #

  4. #  Licensed under the Apache License, Version 2.0 (the "License");

  5. #  you may not use this file except in compliance with the License.

  6. #  You may obtain a copy of the License at

  7. #

  8. #      http://www.apache.org/licenses/LICENSE-2.0

  9. #

  10. #  Unless required by applicable law or agreed to in writing, software

  11. #  distributed under the License is distributed on an "AS IS" BASIS,

  12. #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. #  See the License for the specific language governing permissions and

  14. #  limitations under the License.

  15. #

  16. import ast

  17. from typing import List, Tuple

  18. 

  19. from core.logger import logger

  20. from models.enums import SupportLanguage

  21. 

  22. 

  23. class SecurePythonAnalyzer(ast.NodeVisitor):

  24.     """

  25.     An AST-based analyzer for detecting unsafe Python code patterns.

  26.     """

  27. 

  28.     DANGEROUS_IMPORTS = {"os", "subprocess", "sys", "shutil", "socket", "ctypes", "pickle", "threading", "multiprocessing", "asyncio", "http.client", "ftplib", "telnetlib"}

  29. 

  30.     DANGEROUS_CALLS = {

  31.         "eval",

  32.         "exec",

  33.         "open",

  34.         "__import__",

  35.         "compile",

  36.         "input",

  37.         "system",

  38.         "popen",

  39.         "remove",

  40.         "rename",

  41.         "rmdir",

  42.         "chdir",

  43.         "chmod",

  44.         "chown",

  45.         "getattr",

  46.         "setattr",

  47.         "globals",

  48.         "locals",

  49.         "shutil.rmtree",

  50.         "subprocess.call",

  51.         "subprocess.Popen",

  52.         "ctypes",

  53.         "pickle.load",

  54.         "pickle.loads",

  55.         "pickle.dump",

  56.         "pickle.dumps",

  57.     }

  58. 

  59.     def __init__(self):

  60.         self.unsafe_items: List[Tuple[str, int]] = []

  61. 

  62.     def visit_Import(self, node: ast.Import):

  63.         """Check for dangerous imports."""

  64.         for alias in node.names:

  65.             if alias.name.split(".")[0] in self.DANGEROUS_IMPORTS:

  66.                 self.unsafe_items.append((f"Import: {alias.name}", node.lineno))

  67.         self.generic_visit(node)

  68. 

  69.     def visit_ImportFrom(self, node: ast.ImportFrom):

  70.         """Check for dangerous imports from specific modules."""

  71.         if node.module and node.module.split(".")[0] in self.DANGEROUS_IMPORTS:

  72.             self.unsafe_items.append((f"From Import: {node.module}", node.lineno))

  73.         self.generic_visit(node)

  74. 

  75.     def visit_Call(self, node: ast.Call):

  76.         """Check for dangerous function calls."""

  77.         if isinstance(node.func, ast.Name) and node.func.id in self.DANGEROUS_CALLS:

  78.             self.unsafe_items.append((f"Call: {node.func.id}", node.lineno))

  79.         self.generic_visit(node)

  80. 

  81.     def visit_Attribute(self, node: ast.Attribute):

  82.         """Check for dangerous attribute access."""

  83.         if isinstance(node.value, ast.Name) and node.value.id in self.DANGEROUS_IMPORTS:

  84.             self.unsafe_items.append((f"Attribute Access: {node.value.id}.{node.attr}", node.lineno))

  85.         self.generic_visit(node)

  86. 

  87.     def visit_BinOp(self, node: ast.BinOp):

  88.         """Check for possible unsafe operations like concatenating strings with commands."""

  89.         # This could be useful to detect `eval("os." + "system")`

  90.         if isinstance(node.left, ast.Constant) and isinstance(node.right, ast.Constant):

  91.             self.unsafe_items.append(("Possible unsafe string concatenation", node.lineno))

  92.         self.generic_visit(node)

  93. 

  94.     def visit_FunctionDef(self, node: ast.FunctionDef):

  95.         """Check for dangerous function definitions (e.g., user-defined eval)."""

  96.         if node.name in self.DANGEROUS_CALLS:

  97.             self.unsafe_items.append((f"Function Definition: {node.name}", node.lineno))

  98.         self.generic_visit(node)

  99. 

  100.     def visit_Assign(self, node: ast.Assign):

  101.         """Check for assignments to variables that might lead to dangerous operations."""

  102.         for target in node.targets:

  103.             if isinstance(target, ast.Name) and target.id in self.DANGEROUS_CALLS:

  104.                 self.unsafe_items.append((f"Assignment to dangerous variable: {target.id}", node.lineno))

  105.         self.generic_visit(node)

  106. 

  107.     def visit_Lambda(self, node: ast.Lambda):

  108.         """Check for lambda functions with dangerous operations."""

  109.         if isinstance(node.body, ast.Call) and isinstance(node.body.func, ast.Name) and node.body.func.id in self.DANGEROUS_CALLS:

  110.             self.unsafe_items.append(("Lambda with dangerous function call", node.lineno))

  111.         self.generic_visit(node)

  112. 

  113.     def visit_ListComp(self, node: ast.ListComp):

  114.         """Check for list comprehensions with dangerous operations."""

  115.         # First, visit the generators to check for any issues there

  116.         for elem in node.generators:

  117.             if isinstance(elem, ast.comprehension):

  118.                 self.generic_visit(elem)

  119. 

  120.         if isinstance(node.elt, ast.Call) and isinstance(node.elt.func, ast.Name) and node.elt.func.id in self.DANGEROUS_CALLS:

  121.             self.unsafe_items.append(("List comprehension with dangerous function call", node.lineno))

  122.         self.generic_visit(node)

  123. 

  124.     def visit_DictComp(self, node: ast.DictComp):

  125.         """Check for dictionary comprehensions with dangerous operations."""

  126.         # Check for dangerous calls in both the key and value expressions of the dictionary comprehension

  127.         if isinstance(node.key, ast.Call) and isinstance(node.key.func, ast.Name) and node.key.func.id in self.DANGEROUS_CALLS:

  128.             self.unsafe_items.append(("Dict comprehension with dangerous function call in key", node.lineno))

  129. 

  130.         if isinstance(node.value, ast.Call) and isinstance(node.value.func, ast.Name) and node.value.func.id in self.DANGEROUS_CALLS:

  131.             self.unsafe_items.append(("Dict comprehension with dangerous function call in value", node.lineno))

  132. 

  133.         # Visit other sub-nodes (e.g., the generators in the comprehension)

  134.         self.generic_visit(node)

  135. 

  136.     def visit_SetComp(self, node: ast.SetComp):

  137.         """Check for set comprehensions with dangerous operations."""

  138.         for elt in node.generators:

  139.             if isinstance(elt, ast.comprehension):

  140.                 self.generic_visit(elt)

  141. 

  142.         if isinstance(node.elt, ast.Call) and isinstance(node.elt.func, ast.Name) and node.elt.func.id in self.DANGEROUS_CALLS:

  143.             self.unsafe_items.append(("Set comprehension with dangerous function call", node.lineno))

  144. 

  145.         self.generic_visit(node)

  146. 

  147.     def visit_Yield(self, node: ast.Yield):

  148.         """Check for yield statements that could be used to produce unsafe values."""

  149.         if isinstance(node.value, ast.Call) and isinstance(node.value.func, ast.Name) and node.value.func.id in self.DANGEROUS_CALLS:

  150.             self.unsafe_items.append(("Yield with dangerous function call", node.lineno))

  151.         self.generic_visit(node)

  152. 

  153. 

  154. def analyze_code_security(code: str, language: SupportLanguage) -> Tuple[bool, List[Tuple[str, int]]]:

  155.     """

  156.     Analyze the provided code string and return whether it's safe and why.

  157. 

  158.     :param code: The source code to analyze.

  159.     :param language: The programming language of the code.

  160.     :return: (is_safe: bool, issues: List of (description, line number))

  161.     """

  162.     if language == SupportLanguage.PYTHON:

  163.         try:

  164.             tree = ast.parse(code)

  165.             analyzer = SecurePythonAnalyzer()

  166.             analyzer.visit(tree)

  167.             return len(analyzer.unsafe_items) == 0, analyzer.unsafe_items

  168.         except Exception as e:

  169.             logger.error(f"[SafeCheck] Python parsing failed: {str(e)}")

  170.             return False, [(f"Parsing Error: {str(e)}", -1)]

  171.     else:

  172.         logger.warning(f"[SafeCheck] Unsupported language for security analysis: {language} — defaulting to SAFE (manual review recommended)")

  173.         return True, [(f"Unsupported language for security analysis: {language} — defaulted to SAFE, manual review recommended", -1)]