test_mustache_template_attribute_access_vulnerability() — langchain Function Reference
Architecture documentation for the test_mustache_template_attribute_access_vulnerability() function in test_chat.py from the langchain codebase.
Dependency Diagram
graph TD
    62cd5595_74e3_69e0_3021_685c5e291f7f["test_mustache_template_attribute_access_vulnerability()"]
    00c8bbe0_a31c_1ac8_487a_bfd5a9d6b117["test_chat.py"]
    62cd5595_74e3_69e0_3021_685c5e291f7f -->|defined in| 00c8bbe0_a31c_1ac8_487a_bfd5a9d6b117
    style 62cd5595_74e3_69e0_3021_685c5e291f7f fill:#6366f1,stroke:#818cf8,color:#fff
Source Code
libs/core/tests/unit_tests/prompts/test_chat.py lines 1954–1985
def test_mustache_template_attribute_access_vulnerability() -> None:
    """Test that Mustache template injection is blocked.

    Verify the fix for security vulnerability GHSA-6qv9-48xg-fc7f

    Previously, Mustache used getattr() as a fallback, allowing access to
    dangerous attributes like __class__, __globals__, etc.

    The fix adds isinstance checks that reject non-dict/list types.
    When templates try to traverse Python objects, they get empty string
    per Mustache spec (better than the previous behavior of exposing internals).
    """
    msg = HumanMessage("howdy")

    # Template tries to access attributes on a Python object
    prompt = ChatPromptTemplate.from_messages(
        [("human", "{{question.__class__.__name__}}")],
        template_format="mustache",
    )

    # After the fix: returns empty string (attack blocked!)
    # Previously would return "HumanMessage" via getattr()
    result = prompt.invoke({"question": msg})
    assert result.messages[0].content == ""  # type: ignore[attr-defined]

    # Mustache still works correctly with actual dicts
    prompt_dict = ChatPromptTemplate.from_messages(
        [("human", "{{person.name}}")],
        template_format="mustache",
    )
    result_dict = prompt_dict.invoke({"person": {"name": "Alice"}})
    assert result_dict.messages[0].content == "Alice"  # type: ignore[attr-defined]
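The difference the docstring describes, reduced to a dotted-name resolver, as an added example that is not langchain's own code. `Message`, `resolve_unsafe` and `resolve_safe` are hypothetical names, and the integer-index handling for lists is an assumption about how list traversal is meant to work.

```python
# Added illustration: hypothetical helpers, not langchain's mustache internals.


class Message:
    """Constructed stand-in for a message object such as HumanMessage."""

    def __init__(self, content):
        self.content = content


def resolve_unsafe(dotted, scope):
    """Pre-fix behaviour from the docstring: getattr() used as a fallback."""
    current = scope
    for part in dotted.split("."):
        try:
            current = current[part]
        except (TypeError, KeyError, IndexError):
            # The fallback lets a template reach any Python attribute,
            # including dunder attributes such as __class__.
            current = getattr(current, part, "")
    return current


def resolve_safe(dotted, scope):
    """Post-fix behaviour: only dict and list values may be traversed."""
    current = scope
    for part in dotted.split("."):
        if isinstance(current, dict):
            if part not in current:
                return ""
            current = current[part]
        elif isinstance(current, list):
            # Assumption: list items are addressed by a plain decimal index.
            if not (part.isascii() and part.isdigit()):
                return ""
            index = int(part)
            if index >= len(current):
                return ""
            current = current[index]
        else:
            # Objects, strings, functions, etc. are a dead end: empty string.
            return ""
    return current
```
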
Frequently Asked Questions
What does test_mustache_template_attribute_access_vulnerability() do?
test_mustache_template_attribute_access_vulnerability() is a function in the langchain codebase, defined in libs/core/tests/unit_tests/prompts/test_chat.py.
Where is test_mustache_template_attribute_access_vulnerability() defined?
test_mustache_template_attribute_access_vulnerability() is defined in libs/core/tests/unit_tests/prompts/test_chat.py at line 1954.