diff options
-rw-r--r-- | CMakeLists.txt | 3 | ||||
-rw-r--r-- | build_files/scons/tools/btools.py | 3 | ||||
-rw-r--r-- | release/scripts/startup/bl_ui/space_info.py | 11 | ||||
-rw-r--r-- | source/blender/blenkernel/BKE_global.h | 5 | ||||
-rw-r--r-- | source/blender/editors/space_script/script_edit.c | 21 | ||||
-rw-r--r-- | source/blender/editors/space_script/script_intern.h | 1 | ||||
-rw-r--r-- | source/blender/editors/space_script/script_ops.c | 1 | ||||
-rw-r--r-- | source/blender/python/intern/bpy_app.c | 16 | ||||
-rw-r--r-- | source/blender/python/intern/bpy_driver.c | 8 | ||||
-rw-r--r-- | source/blender/python/intern/bpy_interface.c | 11 | ||||
-rw-r--r-- | source/blender/windowmanager/SConscript | 3 | ||||
-rw-r--r-- | source/blender/windowmanager/intern/wm_files.c | 2 | ||||
-rw-r--r-- | source/blender/windowmanager/intern/wm_operators.c | 29 | ||||
-rw-r--r-- | source/creator/creator.c | 18 |
14 files changed, 113 insertions, 19 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 86848d10422..39b75d9a32b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -118,9 +118,10 @@ mark_as_advanced(WITH_BLENDER) option(WITH_INTERNATIONAL "Enable I18N (International fonts and text)" ON) option(WITH_PYTHON "Enable Embedded Python API (only disable for development)" ON) -option(WITH_PYTHON_SECURITY "Disables execution of scripts within blend files by default (recommend to leave off)" OFF) +option(WITH_PYTHON_SECURITY "Disables execution of scripts within blend files by default" ON) mark_as_advanced(WITH_PYTHON) # dont want people disabling this unless they really know what they are doing. mark_as_advanced(WITH_PYTHON_SECURITY) # some distributions see this as a security issue, rather than have them patch it, make a build option. +set(WITH_PYTHON_SECURITY ON CACHE BOOL "ON" FORCE) # temp force on. option(WITH_PYTHON_SAFETY "Enable internal API error checking to track invalid data to prevent crash on access (at the expense of some effeciency, only enable for development)." OFF) option(WITH_PYTHON_MODULE "Enable building as a python module which runs without a user interface, like running regular blender in background mode (experimental, only enable for development)" OFF) diff --git a/build_files/scons/tools/btools.py b/build_files/scons/tools/btools.py index b8d036d9a84..d28521a8d07 100644 --- a/build_files/scons/tools/btools.py +++ b/build_files/scons/tools/btools.py @@ -96,7 +96,7 @@ def print_arguments(args, bc): def validate_arguments(args, bc): opts_list = [ - 'WITH_BF_FREESTYLE', 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'BF_PYTHON_LIBPATH_ARCH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS', + 'WITH_BF_FREESTYLE', 'WITH_BF_PYTHON', 'WITH_BF_PYTHON_SAFETY', 'WITH_BF_PYTHON_SECURITY', 'BF_PYTHON', 'BF_PYTHON_VERSION', 'BF_PYTHON_INC', 'BF_PYTHON_BINARY', 'BF_PYTHON_LIB', 'BF_PYTHON_LIBPATH', 'BF_PYTHON_LIBPATH_ARCH', 'WITH_BF_STATICPYTHON', 'WITH_OSX_STATICPYTHON', 'BF_PYTHON_LIB_STATIC', 'BF_PYTHON_DLL', 'BF_PYTHON_ABI_FLAGS', 'WITH_BF_OPENAL', 'BF_OPENAL', 'BF_OPENAL_INC', 'BF_OPENAL_LIB', 'BF_OPENAL_LIBPATH', 'WITH_BF_STATICOPENAL', 'BF_OPENAL_LIB_STATIC', 'WITH_BF_SDL', 'BF_SDL', 'BF_SDL_INC', 'BF_SDL_LIB', 'BF_SDL_LIBPATH', 'WITH_BF_JACK', 'BF_JACK', 'BF_JACK_INC', 'BF_JACK_LIB', 'BF_JACK_LIBPATH', 'WITH_BF_JACK_DYNLOAD', @@ -254,6 +254,7 @@ def read_opts(env, cfg, args): ('LIBDIR', 'Root dir of libs'), (BoolVariable('WITH_BF_PYTHON', 'Compile with python', True)), (BoolVariable('WITH_BF_PYTHON_SAFETY', 'Internal API error checking to track invalid data to prevent crash on access (at the expense of some effeciency)', False)), + (BoolVariable('WITH_BF_PYTHON_SECURITY', 'Disables execution of scripts within blend files by default', True)), ('BF_PYTHON', 'Base path for python', ''), ('BF_PYTHON_VERSION', 'Python version to use', ''), ('BF_PYTHON_INC', 'Include path for Python headers', ''), diff --git a/release/scripts/startup/bl_ui/space_info.py b/release/scripts/startup/bl_ui/space_info.py index 4ea366e3541..1885f115aa8 100644 --- a/release/scripts/startup/bl_ui/space_info.py +++ b/release/scripts/startup/bl_ui/space_info.py @@ -64,6 +64,17 @@ class INFO_HT_header(Header): layout.template_reports_banner() row = layout.row(align=True) + + if bpy.app.autoexec_fail is True and bpy.app.autoexec_fail_quiet is False: + layout.operator_context = 'EXEC_DEFAULT' + row.label("Script failed to auto-run", icon='ERROR') + props = row.operator("wm.open_mainfile", icon='SCREEN_BACK', text="Reload Trusted") + props.filepath = bpy.data.filepath + props.use_scripts = True + row.operator("script.autoexec_warn_clear", icon='CANCEL') + row.label("Skipping: (%s)" % bpy.app.autoexec_fail_message) + return + row.operator("wm.splash", text="", icon='BLENDER', emboss=False) row.label(text=scene.statistics(), translate=False) diff --git a/source/blender/blenkernel/BKE_global.h b/source/blender/blenkernel/BKE_global.h index a0c6bcd4a5b..8a55d3e8a17 100644 --- a/source/blender/blenkernel/BKE_global.h +++ b/source/blender/blenkernel/BKE_global.h @@ -93,6 +93,9 @@ typedef struct Global { /* save the allowed windowstate of blender when using -W or -w (GHOST_TWindowState) */ int windowstate; + + /* message to use when autoexec fails */ + char autoexec_fail[200]; } Global; /* **************** GLOBAL ********************* */ @@ -109,6 +112,8 @@ typedef struct Global { #define G_SCRIPT_AUTOEXEC (1 << 13) #define G_SCRIPT_OVERRIDE_PREF (1 << 14) /* when this flag is set ignore the userprefs */ +#define G_SCRIPT_AUTOEXEC_FAIL (1 << 15) +#define G_SCRIPT_AUTOEXEC_FAIL_QUIET (1 << 16) /* #define G_NOFROZEN (1 << 17) also removed */ /* #define G_GREASEPENCIL (1 << 17) also removed */ diff --git a/source/blender/editors/space_script/script_edit.c b/source/blender/editors/space_script/script_edit.c index 96008004ee4..8074ec57474 100644 --- a/source/blender/editors/space_script/script_edit.c +++ b/source/blender/editors/space_script/script_edit.c @@ -36,6 +36,7 @@ #include "BLI_utildefines.h" #include "BKE_context.h" +#include "BKE_global.h" #include "WM_api.h" #include "WM_types.h" @@ -110,3 +111,23 @@ void SCRIPT_OT_reload(wmOperatorType *ot) /* api callbacks */ ot->exec = script_reload_exec; } + +static int script_autoexec_warn_clear_exec(bContext *UNUSED(C), wmOperator *UNUSED(op)) +{ + G.f |= G_SCRIPT_AUTOEXEC_FAIL_QUIET; + return OPERATOR_FINISHED; +} + +void SCRIPT_OT_autoexec_warn_clear(wmOperatorType *ot) +{ + /* identifiers */ + ot->name = "Continue Untrusted"; + ot->description = "Ignore autoexec warning"; + ot->idname = "SCRIPT_OT_autoexec_warn_clear"; + + /* flags */ + ot->flag = OPTYPE_INTERNAL; + + /* api callbacks */ + ot->exec = script_autoexec_warn_clear_exec; +} diff --git a/source/blender/editors/space_script/script_intern.h b/source/blender/editors/space_script/script_intern.h index 00863863994..cef6082aa1c 100644 --- a/source/blender/editors/space_script/script_intern.h +++ b/source/blender/editors/space_script/script_intern.h @@ -40,6 +40,7 @@ void script_keymap(struct wmKeyConfig *keyconf); /* script_edit.c */ void SCRIPT_OT_reload(struct wmOperatorType *ot); void SCRIPT_OT_python_file_run(struct wmOperatorType *ot); +void SCRIPT_OT_autoexec_warn_clear(struct wmOperatorType *ot); #endif /* __SCRIPT_INTERN_H__ */ diff --git a/source/blender/editors/space_script/script_ops.c b/source/blender/editors/space_script/script_ops.c index 57a1112a832..7398126a8e5 100644 --- a/source/blender/editors/space_script/script_ops.c +++ b/source/blender/editors/space_script/script_ops.c @@ -56,6 +56,7 @@ void script_operatortypes(void) { WM_operatortype_append(SCRIPT_OT_python_file_run); WM_operatortype_append(SCRIPT_OT_reload); + WM_operatortype_append(SCRIPT_OT_autoexec_warn_clear); } void script_keymap(wmKeyConfig *keyconf) diff --git a/source/blender/python/intern/bpy_app.c b/source/blender/python/intern/bpy_app.c index 17dafc4ac52..2edb0aee783 100644 --- a/source/blender/python/intern/bpy_app.c +++ b/source/blender/python/intern/bpy_app.c @@ -219,6 +219,12 @@ static int bpy_app_debug_value_set(PyObject *UNUSED(self), PyObject *value, void return 0; } +static PyObject *bpy_app_global_flag_get(PyObject *UNUSED(self), void *closure) +{ + const int flag = GET_INT_FROM_POINTER(closure); + return PyBool_FromLong(G.f & flag); +} + PyDoc_STRVAR(bpy_app_tempdir_doc, "String, the temp directory used by blender (read-only)" ); @@ -243,6 +249,11 @@ static PyObject *bpy_app_driver_dict_get(PyObject *UNUSED(self), void *UNUSED(cl return bpy_pydriver_Dict; } +static PyObject *bpy_app_autoexec_fail_message_get(PyObject *UNUSED(self), void *UNUSED(closure)) +{ + return PyC_UnicodeFromByte(G.autoexec_fail); +} + static PyGetSetDef bpy_app_getsets[] = { {(char *)"debug", bpy_app_debug_get, bpy_app_debug_set, (char *)bpy_app_debug_doc, (void *)G_DEBUG}, @@ -256,6 +267,11 @@ static PyGetSetDef bpy_app_getsets[] = { {(char *)"debug_value", bpy_app_debug_value_get, bpy_app_debug_value_set, (char *)bpy_app_debug_value_doc, NULL}, {(char *)"tempdir", bpy_app_tempdir_get, NULL, (char *)bpy_app_tempdir_doc, NULL}, {(char *)"driver_namespace", bpy_app_driver_dict_get, NULL, (char *)bpy_app_driver_dict_doc, NULL}, + + /* security */ + {(char *)"autoexec_fail", bpy_app_global_flag_get, NULL, NULL, (void *)G_SCRIPT_AUTOEXEC_FAIL}, + {(char *)"autoexec_fail_quiet", bpy_app_global_flag_get, NULL, NULL, (void *)G_SCRIPT_AUTOEXEC_FAIL_QUIET}, + {(char *)"autoexec_fail_message", bpy_app_autoexec_fail_message_get, NULL, NULL, NULL}, {NULL, NULL, NULL, NULL, NULL} }; diff --git a/source/blender/python/intern/bpy_driver.c b/source/blender/python/intern/bpy_driver.c index 72bfda89b64..e7c0b7b8811 100644 --- a/source/blender/python/intern/bpy_driver.c +++ b/source/blender/python/intern/bpy_driver.c @@ -37,6 +37,7 @@ #include "BLI_listbase.h" #include "BLI_math_base.h" +#include "BLI_string.h" #include "BKE_fcurve.h" #include "BKE_global.h" @@ -189,7 +190,12 @@ float BPY_driver_exec(ChannelDriver *driver, const float evaltime) return 0.0f; if (!(G.f & G_SCRIPT_AUTOEXEC)) { - printf("skipping driver '%s', automatic scripts are disabled\n", driver->expression); + if (!(G.f & G_SCRIPT_AUTOEXEC_FAIL_QUIET)) { + G.f |= G_SCRIPT_AUTOEXEC_FAIL; + BLI_snprintf(G.autoexec_fail, sizeof(G.autoexec_fail), "Driver '%s'", driver->expression); + + printf("skipping driver '%s', automatic scripts are disabled\n", driver->expression); + } return 0.0f; } diff --git a/source/blender/python/intern/bpy_interface.c b/source/blender/python/intern/bpy_interface.c index 75827ce8bbf..c39168779fd 100644 --- a/source/blender/python/intern/bpy_interface.c +++ b/source/blender/python/intern/bpy_interface.c @@ -398,6 +398,10 @@ void BPY_python_end(void) void BPY_python_reset(bContext *C) { + /* unrelated security stuff */ + G.f &= ~(G_SCRIPT_AUTOEXEC_FAIL | G_SCRIPT_AUTOEXEC_FAIL_QUIET); + G.autoexec_fail[0] = '\0'; + BPY_driver_reset(); BPY_app_handlers_reset(false); BPY_modules_load_user(C); @@ -725,7 +729,12 @@ void BPY_modules_load_user(bContext *C) for (text = bmain->text.first; text; text = text->id.next) { if (text->flags & TXT_ISSCRIPT && BLI_testextensie(text->id.name + 2, ".py")) { if (!(G.f & G_SCRIPT_AUTOEXEC)) { - printf("scripts disabled for \"%s\", skipping '%s'\n", bmain->name, text->id.name + 2); + if (!(G.f & G_SCRIPT_AUTOEXEC_FAIL_QUIET)) { + G.f |= G_SCRIPT_AUTOEXEC_FAIL; + BLI_snprintf(G.autoexec_fail, sizeof(G.autoexec_fail), "Register Text '%s'", text->id.name + 2); + + printf("scripts disabled for \"%s\", skipping '%s'\n", bmain->name, text->id.name + 2); + } } else { PyObject *module = bpy_text_import(text); diff --git a/source/blender/windowmanager/SConscript b/source/blender/windowmanager/SConscript index 3a813d7d598..0a2f48f0488 100644 --- a/source/blender/windowmanager/SConscript +++ b/source/blender/windowmanager/SConscript @@ -78,4 +78,7 @@ if env['WITH_BF_INTERNATIONAL']: if env['WITH_BF_COMPOSITOR']: defs.append("WITH_COMPOSITOR") +if env['WITH_BF_PYTHON_SECURITY']: + defs.append("WITH_PYTHON_SECURITY") + env.BlenderLib ( 'bf_windowmanager', sources, Split(incs), defines=defs, libtype=['core'], priority=[5] ) diff --git a/source/blender/windowmanager/intern/wm_files.c b/source/blender/windowmanager/intern/wm_files.c index c372e2d1ce6..f9e93118033 100644 --- a/source/blender/windowmanager/intern/wm_files.c +++ b/source/blender/windowmanager/intern/wm_files.c @@ -541,7 +541,7 @@ int wm_homefile_read(bContext *C, ReportList *UNUSED(reports), short from_memory success = BKE_read_file_from_memory(C, datatoc_startup_blend, datatoc_startup_blend_size, NULL); if (wmbase.first == NULL) wm_clear_default_size(C); -#ifdef WITH_PYTHON_SECURITY /* not default */ +#ifdef WITH_PYTHON_SECURITY /* use alternative setting for security nuts * otherwise we'd need to patch the binary blob - startup.blend.c */ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE; diff --git a/source/blender/windowmanager/intern/wm_operators.c b/source/blender/windowmanager/intern/wm_operators.c index 423ddfcc568..d832e84d7f0 100644 --- a/source/blender/windowmanager/intern/wm_operators.c +++ b/source/blender/windowmanager/intern/wm_operators.c @@ -1916,19 +1916,26 @@ static void WM_OT_read_factory_settings(wmOperatorType *ot) /* *************** open file **************** */ -static void open_set_load_ui(wmOperator *op) +static void open_set_load_ui(wmOperator *op, bool use_prefs) { - if (!RNA_struct_property_is_set(op->ptr, "load_ui")) - RNA_boolean_set(op->ptr, "load_ui", !(U.flag & USER_FILENOUI)); + PropertyRNA *prop = RNA_struct_find_property(op->ptr, "load_ui"); + if (!RNA_property_is_set(op->ptr, prop)) { + RNA_property_boolean_set(op->ptr, prop, use_prefs ? + (U.flag & USER_FILENOUI) == 0 : + (G.fileflags |= G_FILE_NO_UI) == 0); + } } -static void open_set_use_scripts(wmOperator *op) +static void open_set_use_scripts(wmOperator *op, bool use_prefs) { - if (!RNA_struct_property_is_set(op->ptr, "use_scripts")) { + PropertyRNA *prop = RNA_struct_find_property(op->ptr, "use_scripts"); + if (!RNA_property_is_set(op->ptr, prop)) { /* use G_SCRIPT_AUTOEXEC rather than the userpref because this means if * the flag has been disabled from the command line, then opening * from the menu wont enable this setting. */ - RNA_boolean_set(op->ptr, "use_scripts", (G.f & G_SCRIPT_AUTOEXEC)); + RNA_property_boolean_set(op->ptr, prop, use_prefs ? + (U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0 : + (G.f & G_SCRIPT_AUTOEXEC) != 0); } } @@ -1951,8 +1958,8 @@ static int wm_open_mainfile_invoke(bContext *C, wmOperator *op, const wmEvent *U } RNA_string_set(op->ptr, "filepath", openname); - open_set_load_ui(op); - open_set_use_scripts(op); + open_set_load_ui(op, true); + open_set_use_scripts(op, true); WM_event_add_fileselect(C, op); @@ -1964,8 +1971,10 @@ static int wm_open_mainfile_exec(bContext *C, wmOperator *op) char path[FILE_MAX]; RNA_string_get(op->ptr, "filepath", path); - open_set_load_ui(op); - open_set_use_scripts(op); + + /* re-use last loaded setting so we can reload a file without changing */ + open_set_load_ui(op, false); + open_set_use_scripts(op, false); if (RNA_boolean_get(op->ptr, "load_ui")) G.fileflags &= ~G_FILE_NO_UI; diff --git a/source/creator/creator.c b/source/creator/creator.c index 1451a525694..302467c6b3d 100644 --- a/source/creator/creator.c +++ b/source/creator/creator.c @@ -1639,11 +1639,21 @@ int main(int argc, const char **argv) WM_exit(C); } else { - if ((G.fileflags & G_FILE_AUTOPLAY) && (G.f & G_SCRIPT_AUTOEXEC)) { - if (WM_init_game(C)) - return 0; + if (G.fileflags & G_FILE_AUTOPLAY) { + if (G.f & G_SCRIPT_AUTOEXEC) { + if (WM_init_game(C)) { + return 0; + } + } + else { + if (!(G.f & G_SCRIPT_AUTOEXEC_FAIL_QUIET)) { + G.f |= G_SCRIPT_AUTOEXEC_FAIL; + BLI_snprintf(G.autoexec_fail, sizeof(G.autoexec_fail), "Game AutoStart"); + } + } } - else if (!G.file_loaded) { + + if (!G.file_loaded) { WM_init_splash(C); } } |