Restrict builtins within lambdas for ImageMath.eval

radarhere · radarhere · commit c930be0758ac · 2022-02-03T10:03:54.000+11:00
diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py
@@ -52,9 +52,17 @@ def test_ops():
     assert pixel(ImageMath.eval("float(B)**33", images)) == "F 8589934592.0"
 
 
-def test_prevent_exec():
+@pytest.mark.parametrize(
+    "expression",
+    (
+        "exec('pass')",
+        "(lambda: exec('pass'))()",
+        "(lambda: (lambda: exec('pass'))())()",
+    ),
+)
+def test_prevent_exec(expression):
     with pytest.raises(ValueError):
-        ImageMath.eval("exec('pass')")
+        ImageMath.eval(expression)
 
 
 def test_logical():
diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py
@@ -246,11 +246,18 @@ def eval(expression, _dict={}, **kw):
         if hasattr(v, "im"):
             args[k] = _Operand(v)
 
-    code = compile(expression, "<string>", "eval")
-    for name in code.co_names:
-        if name not in args and name != "abs":
-            raise ValueError(f"'{name}' not allowed")
+    compiled_code = compile(expression, "<string>", "eval")
 
+    def scan(code):
+        for const in code.co_consts:
+            if type(const) == type(compiled_code):
+                scan(const)
+
+        for name in code.co_names:
+            if name not in args and name != "abs":
+                raise ValueError(f"'{name}' not allowed")
+
+    scan(compiled_code)
     out = builtins.eval(expression, {"__builtins": {"abs": abs}}, args)
     try:
         return out.im
