Do not use eval() to convert unknown types (#23266)

Signed-off-by: Russell Bryant <rbryant@redhat.com>
2025-10-20 14:53:52 +08:00 · 2025-08-20 16:28:30 -04:00
parent bf7c99dfc4
commit 4e51fa8cba
1 changed files with 4 additions and 9 deletions
--- a/vllm/entrypoints/openai/tool_parsers/qwen3coder_tool_parser.py
+++ b/vllm/entrypoints/openai/tool_parsers/qwen3coder_tool_parser.py
@ -208,15 +208,10 @@ class Qwen3CoderToolParser(ToolParser):
                            "valid JSON object in tool '%s', will try other "
                            "methods to parse it.", param_value, param_name,
                            func_name)
-                try:
-                    converted_value = eval(param_value)
-                    return converted_value
-                except Exception:
-                    logger.warning(
-                        "Parsed value '%s' of parameter '%s' cannot be "
-                        "converted via Python `eval()` in tool '%s', "
-                        "degenerating to string.", param_value, param_name,
-                        func_name)
+                logger.warning(
+                    "Parameter '%s' has unknown type '%s'. "
+                    "The value will be treated as a string.", param_name,
+                    param_type)
                return param_value

        # Extract function name