🔒 Fix Denial of Service vulnerability in is_empty

Co-authored-by: aguzererler <6199053+aguzererler@users.noreply.github.com>
google-labs-jules[bot] 2026-03-21 22:19:58 +00:00
parent 5799bb3f00
commit 2192a32d03
1 changed files with 5 additions and 6 deletions


@ -826,8 +826,6 @@ def extract_content_string(content):
"""Extract string content from various message formats. """Extract string content from various message formats.
Returns None if no meaningful text content is found. Returns None if no meaningful text content is found.
""" """
import ast
def is_empty(val): def is_empty(val):
"""Check if value is empty using Python's truthiness.""" """Check if value is empty using Python's truthiness."""
if val is None or val == '': if val is None or val == '':
@ -836,10 +834,11 @@ def extract_content_string(content):
s = val.strip() s = val.strip()
if not s: if not s:
return True return True
try: # Check for common string representations of "empty" values
return not bool(ast.literal_eval(s)) # to avoid using unsafe ast.literal_eval
except (ValueError, SyntaxError): if s.lower() in ("[]", "{}", "()", "none", "false", "0", "0.0", '""', "''"):
return False # Can't parse = real text return True
return False
return not bool(val) return not bool(val)
if is_empty(content): if is_empty(content):
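Review bot: The allow-list in `if s.lower() in ("[]", "{}", ...)` is not equivalent to the parse it replaces, so this security fix also changes which messages are treated as empty. Because of `.lower()`, text such as `none`, `NONE` or `false` is now classed as empty, although `ast.literal_eval` rejected those spellings and the old code kept them as real text. In the other direction, forms like `[ ]`, `{ }`, `0.00` or `b''` are no longer recognised as empty. If only the exact Python reprs are meant to match, drop `.lower()` and compare `s` directly; either way a small table-driven test over these strings would pin the intended set. The comment's word "unsafe" reads as code execution, while the risk the commit title names is resource exhaustion, so I would word it as `# Match known "empty" reprs directly: ast.literal_eval on caller-supplied text can exhaust the stack or memory on large or deeply nested input.` The enclosing `extract_content_string` starts and ends outside the visible hunks.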