Rename the type filter to type_debug

Because we add the names of all filters to the callable whitelist used by safe_eval, adding a filter named type makes it so code calling "type()" gets eval'd. We can't think of a way to exploit this but it's sufficiently sketchy that we're renaming it in case someone smarter than us can think of a problem.
2026-05-06 21:32:49 +00:00 · 2017-01-11 13:46:22 -08:00
parent 4cdb266dac
commit eeebd51f21
2 changed files with 3 additions and 3 deletions
--- a/lib/ansible/plugins/filter/core.py
+++ b/lib/ansible/plugins/filter/core.py
@@ -534,5 +534,5 @@ class FilterModule(object):
            'skip'    : skipped,

            # debug
-            'type': lambda o: o.__class__.__name__,
+            'type_debug': lambda o: o.__class__.__name__,
        }