mirror of
https://github.com/comfyanonymous/ComfyUI.git
synced 2026-05-08 16:22:38 +08:00
06e416bd0d
Defense-in-depth: cap readline() so a malformed or maliciously-large single-line file cannot blow up memory before the value is sanitized. Adds tests-unit/deploy_environment_test.py covering: missing file fallback, basic read, whitespace strip, multi-line (only first line used), empty + whitespace-only files, control-char stripping (header-injection protection), non-ASCII stripping, 128-byte read cap, cache stickiness, and OSError fallback. Amp-Thread-ID: https://ampcode.com/threads/T-019df26e-96f4-7518-94da-0e4263680e3c Co-authored-by: Amp <amp@ampcode.com>
36 lines
1008 B
Python
36 lines
1008 B
Python
import logging
|
|
import os
|
|
|
|
import folder_paths
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
_DEFAULT_DEPLOY_ENV = "local_git"
|
|
_ENV_FILENAME = ".comfy_environment"
|
|
|
|
_cached_value: str | None = None
|
|
|
|
|
|
def get_deploy_environment() -> str:
|
|
global _cached_value
|
|
if _cached_value is not None:
|
|
return _cached_value
|
|
|
|
env_file = os.path.join(folder_paths.base_path, _ENV_FILENAME)
|
|
try:
|
|
with open(env_file, encoding="utf-8") as f:
|
|
# Cap the read so a malformed or maliciously crafted file (e.g.
|
|
# a single huge line with no newline) can't blow up memory.
|
|
first_line = f.readline(128).strip()
|
|
value = "".join(c for c in first_line if 32 <= ord(c) < 127)
|
|
if value:
|
|
_cached_value = value
|
|
return _cached_value
|
|
except FileNotFoundError:
|
|
pass
|
|
except Exception as e:
|
|
logger.error("Failed to read %s: %s", env_file, e)
|
|
|
|
_cached_value = _DEFAULT_DEPLOY_ENV
|
|
return _cached_value
|