github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2025-09-03 03:59:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix code injection vuln (#11233)

Browse Source 
- **Description:** Fix a code injection vuln by adding one more keyword
into the filtering list
  - **Issue:** N/A
  - **Dependencies:** N/A
  - **Tag maintainer:** 
  - **Twitter handle:**

Co-authored-by: Eugene Yurtsev <eyurtsev@gmail.com>
This commit is contained in:
Haozhe
2023-09-29 13:16:00 -07:00
committed by GitHub
parent aebdb1ad01
commit 4c97a10bd0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libs/experimental/langchain_experimental/pal_chain/base.py
View File

@@ -20,7 +20,7 @@ from langchain_experimental.pal_chain.colored_object_prompt import COLORED_OBJEC
from langchain_experimental.pal_chain.math_prompt import MATH_PROMPT
from langchain_experimental.pydantic_v1 import Extra, Field
COMMAND_EXECUTION_FUNCTIONS = ["system", "exec", "execfile", "eval"]
COMMAND_EXECUTION_FUNCTIONS = ["system", "exec", "execfile", "eval", "__import__"]
class PALValidation: