GenericAgent/assets/code_run_header.py
MuziIsabel 3b93c6137d fix(sandbox): patch Popen + block startfile to prevent window leaks
subprocess.run was already patched with CREATE_NO_WINDOW, but Popen and
os.startfile were unprotected. Agent code could open visible GUI windows
via subprocess.Popen(['notepad.exe']) or os.startfile().
2026-04-25 10:59:15 +08:00


import sys, os, json, re, time, subprocess
# Make the sibling ``memory`` directory (one level above this file's
# directory) importable. The entry is appended, so it is searched after
# every path already on sys.path and cannot shadow stdlib modules.
sys.path.append(
    os.path.join(
        os.path.dirname(os.path.abspath(__file__)),
        '..',
        'memory',
    )
)
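# Handle on the real subprocess.run, captured before it is replaced below.
_r = subprocess.run


def _d(b):
    """Decode captured process output to ``str``.

    Falsy input (``None``, ``b''``, ``''``) becomes ``''`` and ``str`` input
    is returned unchanged. Bytes are decoded with the default codec first;
    if that fails they are decoded as GBK with undecodable bytes replaced,
    so the fallback itself does not raise on bad bytes.
    """
    if not b:
        return ''
    if isinstance(b, str):
        return b
    try:
        return b.decode()
    except UnicodeDecodeError:
        # Only a decoding failure should trigger the fallback; a bare
        # ``except`` would also swallow KeyboardInterrupt/SystemExit.
        return b.decode('gbk', 'replace')


def _run(*a, **k):
    """Replacement for ``subprocess.run`` with tolerant text decoding.

    The text-mode keywords (``text``, ``universal_newlines``, ``encoding``,
    ``errors``) are stripped before the real ``run`` is called, so the child
    is always driven in bytes mode. When text mode was requested, a ``str``
    ``input`` is encoded first and ``stdout``/``stderr`` on the returned
    object are decoded with ``_d``. The requested ``encoding`` value and
    ``errors`` policy are not honoured; they only switch text mode on.

    Decoding happens only on the returned result: if the underlying call
    raises, nothing here decodes anything attached to that exception.

    This wrapper changes decoding only. Every other argument (command,
    ``shell``, ``env``, ``cwd``, ...) is forwarded unchanged, so it places no
    restriction on what gets executed.
    """
    # Pop every text-mode key unconditionally so none reaches the real run().
    text = k.pop('text', None)
    universal = k.pop('universal_newlines', None)
    enc = k.pop('encoding', None)
    k.pop('errors', None)
    # ``text=None`` is subprocess's own default and must mean "bytes mode";
    # combining the flags with ``|`` raised TypeError on None.
    t = bool(text or universal or enc)
    if t and isinstance(k.get('input'), str):
        k['input'] = k['input'].encode()
    r = _r(*a, **k)
    if t:
        if r.stdout is not None:
            r.stdout = _d(r.stdout)
        if r.stderr is not None:
            r.stderr = _d(r.stderr)
    return r


subprocess.run = _run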
# Original constructor, kept so the wrapper below can delegate to it.
_Pi = subprocess.Popen.__init__


def _pinit(self, *a, **k):
    """Popen constructor wrapper that ORs 0x08000000 into ``creationflags``.

    The flag is added only when ``os.name == 'nt'``; on other platforms the
    arguments are forwarded untouched. Flags supplied by the caller are
    kept. Since ``subprocess.run`` and the other stdlib helpers build a
    ``Popen`` internally, they go through this wrapper as well.

    NOTE(review): 0x08000000 is CREATE_NO_WINDOW, which governs the console
    window of console programs. A GUI executable can presumably still show
    its own window, so confirm this hides what it is meant to hide.
    NOTE(review): a caller passing ``creationflags`` positionally would
    collide with the keyword set here; verify no caller does.

    This is a guard against stray windows, not an isolation boundary: it
    covers only ``subprocess.Popen`` and can be rebound by code running in
    the same interpreter.
    """
    if os.name == 'nt':
        caller_flags = k.get('creationflags') or 0
        k['creationflags'] = caller_flags | 0x08000000
    _Pi(self, *a, **k)


subprocess.Popen.__init__ = _pinit
# os.startfile is not defined on every platform, so the stub is installed
# only where the attribute exists. The stub rejects every call.
# This prevents accidental use; it is not an isolation boundary, because
# code in the same interpreter can rebind the attribute.
if hasattr(os, 'startfile'):
    def _nosf(*a, **k):
        """Refuse any ``os.startfile`` call, whatever the arguments."""
        raise RuntimeError("startfile disabled in sandbox")

    os.startfile = _nosf
# Uncaught-exception hook: always delegate to the interpreter's default
# hook, and for ImportError / AttributeError (subclasses included) also
# print a hint line for the agent. The hint goes through print(), so it
# lands on stdout by default, separate from the default hook's traceback.
sys.excepthook = lambda t, v, tb: (
    sys.__excepthook__(t, v, tb)
    if not issubclass(t, (ImportError, AttributeError))
    else (
        sys.__excepthook__(t, v, tb),
        print("\n[Agent Hint]: NO GUESSING! You MUST probe first. If missing common package, pip."),
    )
)