DOC: Document Remote Code Execution risk for Dataframe.query and computation.eval #58697
+5
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This reverts commit 79c603e.
rhshadrach
requested changes
May 21, 2024
pandas/core/frame.py
Outdated
Comment on lines
4476
to
4478
| This function pass the `expr` parameter to :meth:`~pandas.DataFrame.eval`. | ||
| This allows `eval` to run arbitrary code, which can make you vulnerable to code | ||
| injection if you pass user input to this function. |
There was a problem hiding this comment.
Suggested change
| This function pass the `expr` parameter to :meth:`~pandas.DataFrame.eval`. | |
| This allows `eval` to run arbitrary code, which can make you vulnerable to code | |
| injection if you pass user input to this function. | |
| This method can run arbitrary code, which can make you vulnerable to code | |
| injection if you pass user input to this function. |
I don't think we need to mention the implementation details; it's sufficient to warn that query can run arbitrary code.
pandas/core/computation/eval.py
Outdated
Comment on lines
196
to
197
| This allows `eval` to run arbitrary code, which can make you vulnerable to code | ||
| injection if you pass user input to this function. |
There was a problem hiding this comment.
This is an internal method, right? In such case, I don't think this is necessary.
There was a problem hiding this comment.
Ah - this is exposed at the top level. Agree with including it, but I don't think starting with This is accurate - it
reads to me like that refers to the previous sentence. Can just say
evalcan run arbitrary code, ...
|
Thanks @r0rshark! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
TLDR
This diff adds documentation to the Remote Code Execution risk for
Dataframe.queryandcomputation.evalwith the same wording used in Dataframe.evalDetails
The Dataframe.query function is internally calling Dataframe.eval here passing the
exprparameter.Dataframe.eval is correctly warning in the documentation that this could lead to Code execution risk.
This is possible because using the
@syntax we can access local variables and by referencing the imported pandas library we can get theos.systemfunction thanks toosbeing imported inside compat/init.py. In this way passing something like@pd.compat.os.system('whoami')to theexprparameter ofDataframe.querywe can achieve code execution.However in Dataframe.query documentation we do not surface this risk we only point out that pandas.eval is called but also there we do not warn about any code execution risks.
The vulnerable code I found and that also surprised the developer who wrote it of the code execution risk can be summarized in UserControlled input flowing into the DataFrame.query expr value similarly to
Calling this api with data:
https://[email protected]('whoami')
will allow code execution.