Security of Python's eval() on untrusted strings?

Question

If I am evaluating a Python string using eval(), and have a class like:

class Foo(object):
    a = 3
    def bar(self, x): return x + a

What are the security risks if I do not trust the string? In particular:

Is eval(string, {"f": Foo()}, {}) unsafe? That is, can you reach os or sys or something unsafe from a Foo instance?
Is eval(string, {}, {}) unsafe? That is, can I reach os or sys entirely from builtins like len and list?
Is there a way to make builtins not present at all in the eval context?

There are some unsafe strings like "[0] * 100000000" I don't care about, because at worst they slow/stop the program. I am primarily concerned about protecting user data external to the program.

Obviously, eval(string) without custom dictionaries is unsafe in most cases.

yes, if there's import sys sys.dostuff in the string you are doing eval on and you don't trust the strings stuff can get real ugly. — Vasil, Mar 19 '09 at 04:45
eval has the nice property it only allows expressions. So things like =, import, and print are not allowed. — , Mar 19 '09 at 05:06
I advocate to replace `eval(strg)` with `ast.literal_eval(strg)` — blackraven, Aug 16 '22 at 08:04

score 58 · Answer 1 · answered Mar 19 '09 at 05:13

58

eval() will allow malicious data to compromise your entire system, kill your cat, eat your dog and make love to your wife.

There was recently a thread about how to do this kind of thing safely on the python-dev list, and the conclusions were:

It's really hard to do this properly.
It requires patches to the python interpreter to block many classes of attacks.
Don't do it unless you really want to.

Start here to read about the challenge: http://tav.espians.com/a-challenge-to-break-python-security.html

What situation do you want to use eval() in? Are you wanting a user to be able to execute arbitrary expressions? Or are you wanting to transfer data in some way? Perhaps it's possible to lock down the input in some way.

answered Mar 19 '09 at 05:13

Jerub

41,746
15
73
90

9

@S. Lott — Isn't one of the driving ideas behind security to *prevent* bad things from happening rather than afterwards hoping you can both identify the attacker and convince them not to do it again? Why discourage good practices? – Ben Blank Mar 19 '09 at 20:54
2

Any situation where a person on the greater internet to write untrusted code to run on your systems requires that the untrusted persons be unable to attack. "Who is this person" - if you wrote something insecure with eval() and I knew? It would be me to show you you shouldn't have done that. – Jerub Mar 19 '09 at 22:13

score 21 · Accepted Answer · answered Jun 09 '12 at 20:28

21

You cannot secure eval with a blacklist approach like this. See Eval really is dangerous for examples of input that will segfault the CPython interpreter, give access to any class you like, and so on.

answered Jun 09 '12 at 20:28

Ned Batchelder

364,293
75
561
662

score 14 · Answer 3 · answered Mar 19 '09 at 21:55

14

You can get to os using builtin functions: __import__('os').

For python 2.6+, the ast module may help; in particular ast.literal_eval, although it depends on exactly what you want to eval.

answered Mar 19 '09 at 21:55

John Fouhy

41,203
19
62
77

yes, I advocate to replace `eval(strg)` with `ast.literal_eval(strg)` – blackraven Aug 16 '22 at 08:03

Benjamin Peterson · Answer 4 · 2009-03-19T23:19:09.827

7

Note that even if you pass empty dictionaries to eval(), it's still possible to segfault (C)Python with some syntax tricks. For example, try this on your interpreter: eval("()"*8**5)

edited Mar 19 '09 at 23:19

answered Mar 19 '09 at 20:36

Benjamin Peterson

19,297
6
32
39

Whoa, why did that cause a segfault? – jacob Mar 01 '10 at 01:54
2

It overflows the compiler's stack. – Benjamin Peterson Apr 08 '10 at 03:05

score 4 · Answer 5 · answered Mar 19 '09 at 05:57

4

You are probably better off turning the question around:

What sort of expressions are you wanting to eval?
Can you insure that only strings matching some narrowly defined syntax are eval()d?
Then consider if that is safe.

For example, if you are wanting to let the user enter an algebraic expression for evaluation, consider limiting them to one letter variable names, numbers, and a specific set of operators and functions. Don't eval() strings containing anything else.

answered Mar 19 '09 at 05:57

MarkusQ

21,814
3
56
68

3

@S.Lott -- If he's writing cryptography programs it's either Carol or Eve, and for email handling its s.kiddie@aol.com but I don't know if we've ever identified who it is in the general case. – MarkusQ Mar 19 '09 at 14:10
I'd go one step ahead and ask *why* you want to do this at all. – Noufal Ibrahim Jan 03 '10 at 09:17
This is a good video entitled "28c3: The Science of Insecurity" describing interfaces between programs. www.youtube.com/watch?v=3kEfedtQVOY It strongly encourages input messages to be either regular or context free. – eric.frederich Jan 20 '12 at 15:39

Tim Pietzcker · Answer 6 · 2014-11-22T05:28:53.347

2

There is a very good article on the un-safety of eval() in Mark Pilgrim's Dive into Python tutorial.

Quoted from this article:

In the end, it is possible to safely evaluate untrusted Python expressions, for some definition of “safe” that turns out not to be terribly useful in real life. It’s fine if you’re just playing around, and it’s fine if you only ever pass it trusted input. But anything else is just asking for trouble.

edited Nov 22 '14 at 05:28

answered Jan 03 '10 at 10:14

Tim Pietzcker

328,213
58
503
561

1

The link is no longer valid. – GingerPlusPlus Nov 21 '14 at 18:50
@GingerPlusPlus: Thanks, it appears that Mark has moved his domain. I've updated the links. – Tim Pietzcker Nov 22 '14 at 05:29

Security of Python's eval() on untrusted strings?

6 Answers6

Linked

Related