GitHub-Proxy/Cura
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/Ultimaker/Cura synced 2025-06-04 03:04:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

Prepare PostProcessingPlugin for security.

Browse Source
This commit is contained in:
Remco Burema 2020-01-17 17:15:37 +01:00
parent 0e5654e44b
commit fe2098376f
No known key found for this signature in database
GPG Key ID: 215C49431D43F98C
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
plugins/PostProcessingPlugin/PostProcessingPlugin.py
View File

@ -4,6 +4,7 @@
from PyQt5.QtCore import QObject, pyqtProperty, pyqtSignal, pyqtSlot
from typing import Dict, Type, TYPE_CHECKING, List, Optional, cast
from UM.Trust import Trust
from UM.PluginRegistry import PluginRegistry
from UM.Resources import Resources
from UM.Application import Application
@ -161,7 +162,12 @@ class PostProcessingPlugin(QObject, Extension):
# Iterate over all scripts.
if script_name not in sys.modules:
try:
spec = importlib.util.spec_from_file_location(__name__ + "." + script_name, os.path.join(path, script_name + ".py"))
file_location = __name__ + "." + script_name, os.path.join(path, script_name + ".py")
trust_instance = Trust.getInstanceOrNone()
if trust_instance is not None and Trust.signatureFileExistsFor(file_location):
if not trust_instance.signedFileCheck(file_location):
raise Exception("Can't validate script {0}".format(file_location))
spec = importlib.util.spec_from_file_location(file_location)
loaded_script = importlib.util.module_from_spec(spec)
if spec.loader is None:
continue