Browse Source
Fix: patch SSTI vulnerability in template rendering (#7905)
### What problem does this PR solve? [[Critical] RagFlow has a SSTI, which can lead to Remote Code Execution (RCE).](https://github.com/infiniflow/ragflow/security/advisories/GHSA-mrf5-7w8r-8x88#event-463508) ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)tags/v0.19.1
liu an
5 months ago
1 changed files with 13 additions and 14 deletions
+ 13
- 14
agent/component/template.py
View File
| # | # | ||||
| import json | import json | ||||
| import re | import re | ||||
| from jinja2 import StrictUndefined | |||||
| from jinja2.sandbox import SandboxedEnvironment | |||||
| from agent.component.base import ComponentBase, ComponentParamBase | from agent.component.base import ComponentBase, ComponentParamBase | ||||
| from jinja2 import Template as Jinja2Template | |||||
| class TemplateParam(ComponentParamBase): | class TemplateParam(ComponentParamBase): | ||||
| result = "" | result = "" | ||||
| if "content" in out.columns: | if "content" in out.columns: | ||||
| result = "\n".join( | |||||
| [o if isinstance(o, str) else str(o) for o in out["content"]] | |||||
| ) | |||||
| result = "\n".join([o if isinstance(o, str) else str(o) for o in out["content"]]) | |||||
| self.make_kwargs(para, kwargs, result) | self.make_kwargs(para, kwargs, result) | ||||
| template = Jinja2Template(content) | |||||
| env = SandboxedEnvironment( | |||||
| autoescape=True, | |||||
| undefined=StrictUndefined, | |||||
| ) | |||||
| template = env.from_string(content) | |||||
| try: | try: | ||||
| content = template.render(kwargs) | content = template.render(kwargs) | ||||
| v = json.dumps(v, ensure_ascii=False) | v = json.dumps(v, ensure_ascii=False) | ||||
| except Exception: | except Exception: | ||||
| pass | pass | ||||
| content = re.sub( | |||||
| r"\{%s\}" % re.escape(n), v, content | |||||
| ) | |||||
| content = re.sub( | |||||
| r"(#+)", r" \1 ", content | |||||
| ) | |||||
| content = re.sub(r"\{%s\}" % re.escape(n), v, content) | |||||
| content = re.sub(r"(#+)", r" \1 ", content) | |||||
| return Template.be_output(content) | return Template.be_output(content) | ||||
| def make_kwargs(self, para, kwargs, value): | def make_kwargs(self, para, kwargs, value): | ||||
| self._param.inputs.append( | |||||
| {"component_id": para["key"], "content": value} | |||||
| ) | |||||
| self._param.inputs.append({"component_id": para["key"], "content": value}) | |||||
| try: | try: | ||||
| value = json.loads(value) | value = json.loads(value) | ||||
| except Exception: | except Exception: |
Loading…