fix(logic): harden formula eval against sandbox escape #66

Open: Micsi wants to merge 2 commits into main from codex/propose-fix-for-datapoint-formula-vulnerability-pf7jwp

@Micsi (Owner) commented May 18, 2026

Upstream Tracking

Motivation

  • value_formula strings from user-editable datapoint nodes were evaluated via GraphExecutor._safe_eval and could be abused to escape the Python sandbox and execute arbitrary code via object introspection.
  • The previous mitigation only removed __builtins__, which is insufficient to prevent attribute traversal and other Python constructs from reaching import or OS primitives.
  • This change hardens formula evaluation to prevent RCE while preserving existing math/formatting functionality.

Description

  • Added GraphExecutor._validate_formula_ast which inspects the parsed AST and rejects disallowed node types and constructs before evaluation.
  • Called the new _validate_formula_ast from GraphExecutor._safe_eval to enforce an allowlist of safe AST nodes and permitted names.
  • Restricted function calls to direct name calls present in the allowlist and rejected attribute access, comprehensions, and indirect calls.
  • Updated unit tests in tests/unit/test_executor.py to assert that attribute-based sandbox escape payloads are blocked (replacing the previous attribute-access expectation).

Testing

  • Ran the modified unit tests with pytest -q tests/unit/test_executor.py, which completed successfully with 193 passed and no failures.
  • The changes are limited to obs/logic/executor.py and tests/unit/test_executor.py and preserve existing executor behavior for allowed math expressions.

Codex Task

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 754c857283

Comment thread obs/logic/executor.py
Comment on lines +938 to +942
ast.Call,
ast.Name,
ast.Load,
ast.Constant,
ast.List,
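
Review bot: ast.Constant is allowlisted in this tuple with no restriction visible here on the constant's value type or size. If the validator does not already check node.value elsewhere, consider limiting literals to the types formulas actually need (numbers, and strings only where formatting requires them) so the allowlist is explicit about values as well as node classes. Because ast.Call and ast.Name are both permitted in the same list, a short comment at this tuple pointing to the check that constrains call targets would help ensure future additions are reviewed against it.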

[P2] Permit keyword args in safe formula calls

The new AST allowlist rejects ast.keyword, so any formula that uses keyword arguments (for example round(x, ndigits=1) or min(a=..., b=...)) now fails with Disallowed expression element: keyword. This is a regression from previous behavior where such expressions evaluated successfully, and it can break already-saved formulas after this hardening change even though the called function is still from the allowed name set.

@Micsi added the "promoted upstream" label (Fork PR has an associated upstream PR) on May 20, 2026
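
The allowlist approach described in this PR, with the keyword-argument case from the review handled, as an added sketch that is not the code in obs/logic/executor.py. The names validate_formula, safe_eval and is_rejected, and the contents of ALLOWED_FUNCS and ALLOWED_NODES, are assumptions; constants are limited to numbers to keep the sketch short.

```python
import ast

# Hypothetical allowlists for this sketch; the project's real sets are not shown on the page.
ALLOWED_FUNCS = {"round": round, "min": min, "max": max, "abs": abs}
ALLOWED_NODES = (
    ast.Expression, ast.BinOp, ast.UnaryOp, ast.Add, ast.Sub, ast.Mult, ast.Div,
    ast.USub, ast.Call, ast.Name, ast.Load, ast.Constant, ast.List, ast.keyword,
)


def validate_formula(source, variables):
    """Parse source and raise ValueError unless every AST node is allowlisted."""
    tree = ast.parse(source, mode="eval")
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            raise ValueError(f"Disallowed expression element: {type(node).__name__}")
        if isinstance(node, ast.Call):
            # Only direct calls to allowlisted names: no obj.method(), no f()().
            if not (isinstance(node.func, ast.Name) and node.func.id in ALLOWED_FUNCS):
                raise ValueError("Disallowed call target")
        elif isinstance(node, ast.keyword) and node.arg is None:
            # keyword.arg is None for **mapping unpacking; named keywords are fine.
            raise ValueError("Disallowed expression element: ** unpacking")
        elif isinstance(node, ast.Name):
            if node.id not in ALLOWED_FUNCS and node.id not in variables:
                raise ValueError(f"Unknown name: {node.id}")
        elif isinstance(node, ast.Constant):
            if not isinstance(node.value, (int, float)):
                raise ValueError("Only numeric constants are allowed")
    return tree


def safe_eval(source, variables):
    """Validate first, then evaluate with no builtins and only allowlisted names."""
    tree = validate_formula(source, variables)
    # Allowlisted functions are merged last so a variable cannot shadow them.
    scope = {**variables, **ALLOWED_FUNCS, "__builtins__": {}}
    return eval(compile(tree, "<formula>", "eval"), scope, {})


def is_rejected(source, variables=None):
    """Return True when validation refuses the formula."""
    try:
        validate_formula(source, variables or {})
    except (ValueError, SyntaxError):
        return True
    return False
```

Named keywords pass because ast.keyword is on the allowlist, while `**` unpacking is still refused through the `arg is None` check.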

Labels

aardvark codex promoted upstream Fork PR has an associated upstream PR