From 4b367245ebc4f40656759c8248ada52eeb3d1aa5 Mon Sep 17 00:00:00 2001
From: Corentin Flr <10946971+cogk@users.noreply.github.com>
Date: Mon, 11 Dec 2023 06:10:27 +0100
Subject: [PATCH] Merge pull request from GHSA-v3vh-7qx4-f582

---
 frappe/utils/safe_exec.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/frappe/utils/safe_exec.py b/frappe/utils/safe_exec.py
index a9f457a0a6..b2cea7f7cf 100644
--- a/frappe/utils/safe_exec.py
+++ b/frappe/utils/safe_exec.py
@@ -149,9 +149,16 @@ def _validate_safe_eval_syntax(code):
 
 @contextmanager
 def safe_exec_flags():
-	frappe.flags.in_safe_exec = True
-	yield
-	frappe.flags.in_safe_exec = False
+	if not frappe.flags.in_safe_exec:
+		frappe.flags.in_safe_exec = 0
+
+	frappe.flags.in_safe_exec += 1
+
+	try:
+		yield
+	finally:
+		# Always ensure that the flag is decremented
+		frappe.flags.in_safe_exec -= 1
 
 
 def get_safe_globals():