Harden _enables_code_execution_tool against non-dict tool entries

Verify each entry and its function field are dicts before reading the tool
name, matching the defensive isinstance checks the payload.tools validation
already uses. The callers pass resolved internal tool specs, so this is
robustness rather than a reachable bug.
This commit is contained in:
danielhanchen 2026-07-07 11:09:33 +00:00
parent 13c012a7b3
commit 9d5e2f20d6

View file

@ -1769,7 +1769,10 @@ def _enables_code_execution_tool(tools: list[dict]) -> bool:
streaming requirement is scoped to requests that actually expose one."""
from core.inference.tools import CODE_EXECUTION_TOOL_NAMES
return any(
(t.get("function") or {}).get("name") in CODE_EXECUTION_TOOL_NAMES for t in (tools or [])
isinstance(t, dict)
and isinstance(t.get("function"), dict)
and t["function"].get("name") in CODE_EXECUTION_TOOL_NAMES
for t in (tools or [])
)