HCha/OpenAI-Functions
1
0
Fork 0
mirror of https://github.com/HChaZZY/OpenAI-Functions.git synced 2025-12-06 09:43:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(function_calling): improve security of function calls

Browse Source
This commit is contained in:
HCha
2025-07-09 23:09:48 +08:00
parent a3c2446a82
commit 28ae4d80aa
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
main.py
View File

@@ -8,6 +8,14 @@ import socks
import function_generator as fun import function_generator as fun
SUPPORTED_MODELS = ["gpt-3.5-turbo-0613", "gpt-4-0613"] SUPPORTED_MODELS = ["gpt-3.5-turbo-0613", "gpt-4-0613"]
ALLOWED_FUNCTIONS = {
"get_time",
"run_cmd",
"wolframalpha",
"spider",
"read",
"write",
}
def set_proxy(HTTP_PROXY = None, SOCKS_PROXY = None): def set_proxy(HTTP_PROXY = None, SOCKS_PROXY = None):
""" """
@@ -84,7 +92,15 @@ def chat(messages, api_key, model, functions, base):
if use_function: if use_function:
if function_call["name"] != "exit": if function_call["name"] != "exit":
print(f"\n正在调用插件:{function_call['name']}") print(f"\n正在调用插件:{function_call['name']}")
function_response = eval(f"fun.{function_call['name']}({function_call['arguments']})")
function_name = function_call['name']
if function_name in ALLOWED_FUNCTIONS:
function_to_call = getattr(fun, function_name)
# Use .get() for safer access to arguments
function_response = function_to_call(function_call.get('arguments'))
else:
function_response = json.dumps({"error": f"Function '{function_name}' is not an allowed function."})
add_msg(messages, "function", function_response, function_call["name"]) add_msg(messages, "function", function_response, function_call["name"])
except Exception as e: except Exception as e:
print(f"调用OpenAI API时发生了错误: {str(e)}") print(f"调用OpenAI API时发生了错误: {str(e)}")