Skip to content

Commit 2f9df17

Browse files
JelleZijlstraJelleZijlstra
authored
docs: add security implications of annotations (#727)
1 parent a7610ef commit 2f9df17

File tree

1 file changed

+37
-0
lines changed

1 file changed

+37
-0
lines changed

doc/index.rst

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -815,6 +815,11 @@ Functions
815815
*format* specifies the format of the annotation and is a member of
816816
the :class:`Format` enum, defaulting to :attr:`Format.VALUE`.
817817

818+
.. caution::
819+
820+
This function may execute arbitrary code contained in annotations.
821+
See :ref:`annotations-security` for more information.
822+
818823
.. versionadded:: 4.13.0
819824

820825
.. function:: get_annotations(obj, *, globals=None, locals=None, eval_str=False, format=Format.VALUE)
@@ -834,6 +839,11 @@ Functions
834839

835840
typing_extensions.get_annotations(obj, format=Format.FORWARDREF)
836841

842+
.. caution::
843+
844+
This function may execute arbitrary code contained in annotations.
845+
See :ref:`annotations-security` for more information.
846+
837847
.. versionadded:: 4.13.0
838848

839849
.. function:: get_args(tp)
@@ -901,6 +911,11 @@ Functions
901911
:py:data:`typing.Required` and :py:data:`typing.NotRequired`.
902912
``typing_extensions`` backports these fixes.
903913

914+
.. caution::
915+
916+
This function may execute arbitrary code contained in annotations.
917+
See :ref:`annotations-security` for more information.
918+
904919
.. versionchanged:: 4.1.0
905920

906921
Interaction with :data:`Required` and :data:`NotRequired`.
@@ -1415,3 +1430,25 @@ If you have any feedback on our security process, please `open an issue
14151430
<https://github.com/python/typing_extensions/issues/new>`__. To report
14161431
an issue privately, use `GitHub's private reporting feature
14171432
<https://github.com/python/typing_extensions/security>`__.
1433+
1434+
.. _annotations-security:
1435+
1436+
Introspection of annotations
1437+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1438+
1439+
Some functions in this module are designed to introspect annotations at
1440+
runtime. These functions may therefore execute code contained in annotations,
1441+
which can then perform arbitrary operations. For example,
1442+
:func:`get_annotations` may call an arbitrary :term:`annotate function`, and
1443+
:meth:`evaluate_forward_ref` may call :func:`eval` on an arbitrary string. Code contained
1444+
in an annotation might make arbitrary system calls, enter an infinite loop, or perform any
1445+
other operation. This is also true for any access of the :attr:`~object.__annotations__` attribute
1446+
(as of Python 3.14),
1447+
and for various functions in the :mod:`typing` module that work with annotations, such as
1448+
:func:`typing.get_type_hints`.
1449+
1450+
Any security issue arising from this also applies immediately after importing
1451+
code that may contain untrusted annotations: importing code can always cause arbitrary operations
1452+
to be performed. However, it is unsafe to accept strings or other input from an untrusted source and
1453+
pass them to any of the APIs for introspecting annotations, for example by editing an
1454+
``__annotations__`` dictionary or directly creating a :class:`ForwardRef` object.

0 commit comments

Comments
 (0)