Add processing algorithm flag for SecurityRisk

Also add it to the "Advanced Python field calculator" algorithm, as that
algorithm uses the Python exec() function and is a security
risk if run with untrusted/unchecked inputs.
Nyall Dawson 2024-10-01 11:38:35 +10:00
parent b07bcca8d2
commit 2fdb2cad80
6 changed files with 24 additions and 1 deletions


@ -6228,6 +6228,9 @@ QgsProcessingAlgorithm.FlagRequiresProject = Qgis.ProcessingAlgorithmFlag.Requir
QgsProcessingAlgorithm.Flag.FlagRequiresProject = Qgis.ProcessingAlgorithmFlag.RequiresProject
QgsProcessingAlgorithm.FlagRequiresProject.is_monkey_patched = True
QgsProcessingAlgorithm.FlagRequiresProject.__doc__ = "The algorithm requires that a valid QgsProject is available from the processing context in order to execute"
QgsProcessingAlgorithm.SecurityRisk = Qgis.ProcessingAlgorithmFlag.SecurityRisk
QgsProcessingAlgorithm.SecurityRisk.is_monkey_patched = True
QgsProcessingAlgorithm.SecurityRisk.__doc__ = "The algorithm represents a potential security risk if executed with untrusted inputs. \n.. versionadded:: 3.40"
QgsProcessingAlgorithm.FlagDeprecated = Qgis.ProcessingAlgorithmFlag.Deprecated
QgsProcessingAlgorithm.Flag.FlagDeprecated = Qgis.ProcessingAlgorithmFlag.Deprecated
QgsProcessingAlgorithm.FlagDeprecated.is_monkey_patched = True
@ -6296,6 +6299,10 @@ Qgis.ProcessingAlgorithmFlag.__doc__ = """Flags indicating how and when an algor
Available as ``QgsProcessingAlgorithm.FlagRequiresProject`` in older QGIS releases.
* ``SecurityRisk``: The algorithm represents a potential security risk if executed with untrusted inputs.
.. versionadded:: 3.40
* ``Deprecated``: Algorithm is deprecated
Available as ``QgsProcessingAlgorithm.FlagDeprecated`` in older QGIS releases.


@ -1922,6 +1922,7 @@ The development version
SkipGenericModelLogging,
NotAvailableInStandaloneTool,
RequiresProject,
SecurityRisk,
Deprecated,
};


@ -6171,6 +6171,9 @@ QgsProcessingAlgorithm.FlagRequiresProject = Qgis.ProcessingAlgorithmFlag.Requir
QgsProcessingAlgorithm.Flag.FlagRequiresProject = Qgis.ProcessingAlgorithmFlag.RequiresProject
QgsProcessingAlgorithm.FlagRequiresProject.is_monkey_patched = True
QgsProcessingAlgorithm.FlagRequiresProject.__doc__ = "The algorithm requires that a valid QgsProject is available from the processing context in order to execute"
QgsProcessingAlgorithm.SecurityRisk = Qgis.ProcessingAlgorithmFlag.SecurityRisk
QgsProcessingAlgorithm.SecurityRisk.is_monkey_patched = True
QgsProcessingAlgorithm.SecurityRisk.__doc__ = "The algorithm represents a potential security risk if executed with untrusted inputs. \n.. versionadded:: 3.40"
QgsProcessingAlgorithm.FlagDeprecated = Qgis.ProcessingAlgorithmFlag.Deprecated
QgsProcessingAlgorithm.Flag.FlagDeprecated = Qgis.ProcessingAlgorithmFlag.Deprecated
QgsProcessingAlgorithm.FlagDeprecated.is_monkey_patched = True
@ -6239,6 +6242,10 @@ Qgis.ProcessingAlgorithmFlag.__doc__ = """Flags indicating how and when an algor
Available as ``QgsProcessingAlgorithm.FlagRequiresProject`` in older QGIS releases.
* ``SecurityRisk``: The algorithm represents a potential security risk if executed with untrusted inputs.
.. versionadded:: 3.40
* ``Deprecated``: Algorithm is deprecated
Available as ``QgsProcessingAlgorithm.FlagDeprecated`` in older QGIS releases.


@ -1922,6 +1922,7 @@ The development version
SkipGenericModelLogging,
NotAvailableInStandaloneTool,
RequiresProject,
SecurityRisk,
Deprecated,
};


@ -22,7 +22,8 @@ __copyright__ = '(C) 2012, Victor Olaya & NextGIS'
import sys
from qgis.PyQt.QtCore import QMetaType
from qgis.core import (QgsProcessingException,
from qgis.core import (Qgis,
QgsProcessingException,
QgsField,
QgsFields,
QgsFeatureSink,
@ -47,6 +48,11 @@ class FieldsPyculator(QgisAlgorithm):
OUTPUT = 'OUTPUT'
RESULT_VAR_NAME = 'value'
def flags(self):
# This algorithm represents a security risk, due to the use
# of the Python "exec" function
return super().flags() | Qgis.ProcessingAlgorithmFlag.SecurityRisk
def group(self):
return self.tr('Vector table')
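Review bot: The comment in `flags()` says why the flag is set but not which inputs form the trust boundary, and the method has no docstring. Going by the commit message, the risk is user-supplied code reaching `exec()`, so a docstring such as `"""Return the base flags plus SecurityRisk: this algorithm passes user-supplied Python code to exec() and must not be run with inputs from an untrusted source."""` would tell callers what to guard. The flag is purely declarative in the visible hunks: nothing shown here checks it before the algorithm runs, so whether any runner refuses or prompts on it needs confirming outside this diff. The body of `FieldsPyculator` continues outside the hunk.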


@ -3303,6 +3303,7 @@ class CORE_EXPORT Qgis
SkipGenericModelLogging SIP_MONKEYPATCH_COMPAT_NAME( FlagSkipGenericModelLogging ) = 1 << 12, //!< When running as part of a model, the generic algorithm setup and results logging should be skipped
NotAvailableInStandaloneTool SIP_MONKEYPATCH_COMPAT_NAME( FlagNotAvailableInStandaloneTool ) = 1 << 13, //!< Algorithm should not be available from the standalone "qgis_process" tool. Used to flag algorithms which make no sense outside of the QGIS application, such as "select by..." style algorithms.
RequiresProject SIP_MONKEYPATCH_COMPAT_NAME( FlagRequiresProject ) = 1 << 14, //!< The algorithm requires that a valid QgsProject is available from the processing context in order to execute
SecurityRisk = 1 << 15, //!< The algorithm represents a potential security risk if executed with untrusted inputs. \since QGIS 3.40
Deprecated SIP_MONKEYPATCH_COMPAT_NAME( FlagDeprecated ) = HideFromToolbox | HideFromModeler, //!< Algorithm is deprecated
};
Q_ENUM( ProcessingAlgorithmFlag );
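Review bot: The `SecurityRisk` doc comment states the risk but not what a consumer of the flag is expected to do, so enforcement is left to each caller's interpretation. I would extend it to `//!< The algorithm represents a potential security risk if executed with untrusted inputs; callers running algorithms on behalf of untrusted sources should check this flag before executing. \since QGIS 3.40`, which would also flow into the generated Python docstrings. Only one algorithm is flagged in this commit, so any other algorithm that evaluates user-supplied code would need the same flag before it can be relied on as a filter. The enum declaration starts outside the hunk.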