From 75e1981e130cd5bb2d9788603af70eba69f62b7e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mathias=20Panzenb=C3=B6ck?=
 <134175+panzi@users.noreply.github.com>
Date: Mon, 20 Jan 2025 02:52:47 +0100
Subject: [PATCH] Remove use of eval() from recognizer.py (#4480)

`eval(op_type)` -> `getattr(operators, op_type)`

### What problem does this PR solve?

Using `eval()` can lead to code injections and is entirely unnecessary
here.

### Type of change

- [x] Other (please describe):

Best practice code improvement, preventing the possibility of code
injection.
---
 deepdoc/vision/recognizer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deepdoc/vision/recognizer.py b/deepdoc/vision/recognizer.py
index ec6ac9308..0695005c7 100644
--- a/deepdoc/vision/recognizer.py
+++ b/deepdoc/vision/recognizer.py
@@ -25,6 +25,7 @@ from huggingface_hub import snapshot_download
 from api.utils.file_utils import get_project_base_directory
 from .operators import *  # noqa: F403
 from .operators import preprocess
+from . import operators
 
 
 class Recognizer(object):
@@ -319,7 +320,7 @@ class Recognizer(object):
             ]:
                 new_op_info = op_info.copy()
                 op_type = new_op_info.pop('type')
-                preprocess_ops.append(eval(op_type)(**new_op_info))
+                preprocess_ops.append(getattr(operators, op_type)(**new_op_info))
 
             for im_path in image_list:
                 im, im_info = preprocess(im_path, preprocess_ops)