From b601015800ba2ec28fdd064eb560349b51149936 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Mon, 15 Sep 2014 11:55:53 +0200
Subject: [PATCH] [FIX] tools: restrict available attributes

---
 openerp/tools/safe_eval.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/openerp/tools/safe_eval.py b/openerp/tools/safe_eval.py
index 0b9b2e7a8a30..c317c9bea88e 100644
--- a/openerp/tools/safe_eval.py
+++ b/openerp/tools/safe_eval.py
@@ -42,6 +42,9 @@ __all__ = ['test_expr', 'safe_eval', 'const_eval']
 # lp:703841), does import time.
 _ALLOWED_MODULES = ['_strptime', 'time']
 
+_UNSAFE_ATTRIBUTES = ['f_builtins', 'f_globals', 'f_locals', 'gi_frame',
+                      'co_code', 'func_globals']
+
 _CONST_OPCODES = set(opmap[x] for x in [
     'POP_TOP', 'ROT_TWO', 'ROT_THREE', 'ROT_FOUR', 'DUP_TOP', 'DUP_TOPX',
     'POP_BLOCK','SETUP_LOOP', 'BUILD_LIST', 'BUILD_MAP', 'BUILD_TUPLE',
@@ -113,7 +116,7 @@ def assert_no_dunder_name(code_obj, expr):
     .. note:: actually forbids every name containing 2 underscores
     """
     for name in code_obj.co_names:
-        if "__" in name:
+        if "__" in name or name in _UNSAFE_ATTRIBUTES:
             raise NameError('Access to forbidden name %r (%r)' % (name, expr))
 
 def assert_valid_codeobj(allowed_codes, code_obj, expr):
-- 
GitLab