qiskit 1.4.1__cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl → 1.4.2__cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl

qiskit/VERSION.txt

@@ -1 +1 @@
-1.4.1
+1.4.2

qiskit/circuit/parameterexpression.py

@@ -25,7 +25,7 @@ import operator
 import numpy
 import symengine
 
-from qiskit.circuit.exceptions import CircuitError
+from qiskit.circuit.exceptions import CircuitError, QiskitError
 
 # This type is redefined at the bottom to insert the full reference to "ParameterExpression", so it
 # can safely be used by runtime type-checkers like Sphinx.  Mypy does not need this because it
@@ -528,6 +528,9 @@ class ParameterExpression:
     def __str__(self):
         from sympy import sympify, sstr
 
+        if not isinstance(self._symbol_expr, symengine.Basic):
+            raise QiskitError("Invalid ParameterExpression")
+
         return sstr(sympify(self._symbol_expr), full_prec=False)
 
     def __complex__(self):
@@ -608,6 +611,8 @@ class ParameterExpression:
                 return False
             from sympy import sympify
 
+            if not isinstance(self._symbol_expr, symengine.Basic):
+                raise QiskitError("Invalid ParameterExpression")
             return sympify(self._symbol_expr).equals(sympify(other._symbol_expr))
         elif isinstance(other, numbers.Number):
             return len(self.parameters) == 0 and complex(self._symbol_expr) == other

qiskit/circuit/tools/pi_check.py

@@ -49,7 +49,10 @@ def pi_check(inpt, eps=1e-9, output="text", ndigits=None):
     if isinstance(inpt, ParameterExpression):
         param_str = str(inpt)
         from sympy import sympify
+        import symengine
 
+        if not isinstance(inpt._symbol_expr, symengine.Basic):
+            raise QiskitError("Invalid ParameterExpression provided")
         expr = sympify(inpt._symbol_expr)
         syms = expr.atoms()
         for sym in syms:

qiskit/qpy/binary_io/circuits.py

@@ -638,7 +638,7 @@ def _read_custom_operations(file_obj, version, vectors):
     return custom_operations
 
 
-def _read_calibrations(file_obj, version, vectors, metadata_deserializer):
+def _read_calibrations(file_obj, version, vectors, metadata_deserializer, trust_input=False):
     calibrations = {}
 
     header = formats.CALIBRATION._make(
@@ -656,7 +656,12 @@ def _read_calibrations(file_obj, version, vectors, metadata_deserializer):
         params = tuple(
             value.read_value(file_obj, version, vectors) for _ in range(defheader.num_params)
         )
-        schedule = schedules.read_schedule_block(file_obj, version, metadata_deserializer)
+        schedule = schedules.read_schedule_block(
+            file_obj,
+            version,
+            metadata_deserializer,
+            trust_input=trust_input,
+        )
 
         if name not in calibrations:
             calibrations[name] = {(qubits, params): schedule}
@@ -1327,7 +1332,9 @@ def write_circuit(
     _write_layout(file_obj, circuit)
 
 
-def read_circuit(file_obj, version, metadata_deserializer=None, use_symengine=False):
+def read_circuit(
+    file_obj, version, metadata_deserializer=None, use_symengine=False, trust_input=False
+):
     """Read a single QuantumCircuit object from the file like object.
 
     Args:
@@ -1345,6 +1352,7 @@ def read_circuit(file_obj, version, metadata_deserializer=None, use_symengine=Fa
             supported in all platforms. Please check that your target platform is supported by
             the symengine library before setting this option, as it will be required by qpy to
             deserialize the payload.
+        trust_input (bool): If true, deserialize vulnerable schedule block payloads.
     Returns:
         QuantumCircuit: The circuit object from the file.
 
@@ -1454,7 +1462,11 @@ def read_circuit(file_obj, version, metadata_deserializer=None, use_symengine=Fa
     # Read calibrations
     if version >= 5:
         circ._calibrations_prop = _read_calibrations(
-            file_obj, version, vectors, metadata_deserializer
+            file_obj,
+            version,
+            vectors,
+            metadata_deserializer,
+            trust_input=trust_input,
         )
 
     for vec_name, (vector, initialized_params) in vectors.items():

qiskit/qpy/binary_io/parse_sympy_repr.py

@@ -0,0 +1,121 @@
+# This code is part of Qiskit.
+#
+# (C) Copyright IBM 2025.
+#
+# This code is licensed under the Apache License, Version 2.0. You may
+# obtain a copy of this license in the LICENSE.txt file in the root directory
+# of this source tree or at http://www.apache.org/licenses/LICENSE-2.0.
+#
+# Any modifications or derivative works of this code must retain this
+# copyright notice, and modified files need to carry a notice indicating
+# that they have been altered from the originals.
+
+"""Parser for sympy expressions srepr from ParameterExpression internals."""
+
+import ast
+
+from qiskit.qpy.exceptions import QpyError
+
+
+ALLOWED_CALLERS = {
+    "Abs",
+    "Add",
+    "Sub",
+    "Mul",
+    "Div",
+    "Pow",
+    "Symbol",
+    "Integer",
+    "Rational",
+    "Complex",
+    "Float",
+    "log",
+    "sin",
+    "cos",
+    "tan",
+    "atan",
+    "acos",
+    "asin",
+    "exp",
+    "conjugate",
+}
+
+UNARY = {
+    "sin",
+    "cos",
+    "tan",
+    "atan",
+    "acos",
+    "asin",
+    "conjugate",
+    "Symbol",
+    "Integer",
+    "Complex",
+    "Abs",
+    "Float",
+}
+
+
+class ParseSympyWalker(ast.NodeVisitor):
+    """A custom ast walker that is passed the sympy srepr from QPY < 13 and creates a custom
+    expression."""
+
+    def __init__(self):
+        self.stack = []
+
+    def visit_UnaryOp(self, node: ast.UnaryOp):  # pylint: disable=invalid-name
+        """Visit a python unary op node"""
+        self.visit(node.operand)
+        arg = self.stack.pop()
+        if isinstance(node.op, ast.UAdd):
+            self.stack.append(+arg)
+        elif isinstance(node.op, ast.USub):
+            self.stack.append(-arg)
+        elif isinstance(node.op, ast.Not):
+            self.stack.append(not arg)
+        elif isinstance(node.op, ast.Invert):
+            self.stack.append(~arg)
+        else:
+            raise QpyError(f"Invalid unary op as part of sympy srepr: {node.op}")
+
+    def visit_Constant(self, node: ast.Constant):  # pylint: disable=invalid-name
+        """Visit a constant node."""
+        self.stack.append(node.value)
+
+    def visit_Call(self, node: ast.Call):  # pylint: disable=invalid-name
+        """Visit a call node
+
+        This can only be parameter expression allowed sympy call types.
+        """
+        import sympy
+
+        if isinstance(node.func, ast.Name):
+            name = node.func.id
+        else:
+            raise QpyError("Unknown node type")
+
+        if name not in ALLOWED_CALLERS:
+            raise QpyError(f"{name} is not part of a valid sympy expression srepr")
+
+        args = node.args
+        if name in UNARY:
+            if len(args) != 1:
+                raise QpyError(f"{name} has an invalid number of args in sympy srepr")
+            self.visit(args[0])
+            obj = getattr(sympy, name)(self.stack.pop())
+            self.stack.append(obj)
+        else:
+            for arg in args:
+                self.visit(arg)
+            out_args = [self.stack.pop() for _ in range(len(args))]
+            out_args.reverse()
+            obj = getattr(sympy, name)(*out_args)
+            self.stack.append(obj)
+
+
+def parse_sympy_repr(sympy_repr: str):
+    """Parse a given sympy srepr into a symbolic expression object."""
+    tree = ast.parse(sympy_repr, mode="eval")
+    visitor = ParseSympyWalker()
+    visitor.visit(tree)
+    return visitor.stack.pop()

qiskit/qpy/binary_io/schedules.py

@@ -99,7 +99,7 @@ def _read_discriminator(file_obj, version):
     return Discriminator(name=name, **params)
 
 
-def _loads_symbolic_expr(expr_bytes, use_symengine=False):
+def _loads_symbolic_expr(expr_bytes, use_symengine=False, trust_input=False):
     if expr_bytes == b"":
         return None
     expr_bytes = zlib.decompress(expr_bytes)
@@ -108,12 +108,18 @@ def _loads_symbolic_expr(expr_bytes, use_symengine=False):
     else:
         from sympy import parse_expr
 
+        if not trust_input:
+            raise QpyError(
+                "This payload can not be loaded unless you set ``trust_payload`` to "
+                "True, as it's using sympy for serialization of symbolic expressions which "
+                "is insecure."
+            )
         expr_txt = expr_bytes.decode(common.ENCODE)
         expr = parse_expr(expr_txt)
         return sym.sympify(expr)
 
 
-def _read_symbolic_pulse(file_obj, version):
+def _read_symbolic_pulse(file_obj, version, trust_input=False):
     make = formats.SYMBOLIC_PULSE._make
     pack = formats.SYMBOLIC_PULSE_PACK
     size = formats.SYMBOLIC_PULSE_SIZE
@@ -125,9 +131,13 @@ def _read_symbolic_pulse(file_obj, version):
         )
     )
     pulse_type = file_obj.read(header.type_size).decode(common.ENCODE)
-    envelope = _loads_symbolic_expr(file_obj.read(header.envelope_size))
-    constraints = _loads_symbolic_expr(file_obj.read(header.constraints_size))
-    valid_amp_conditions = _loads_symbolic_expr(file_obj.read(header.valid_amp_conditions_size))
+    envelope = _loads_symbolic_expr(file_obj.read(header.envelope_size), trust_input=trust_input)
+    constraints = _loads_symbolic_expr(
+        file_obj.read(header.constraints_size), trust_input=trust_input
+    )
+    valid_amp_conditions = _loads_symbolic_expr(
+        file_obj.read(header.valid_amp_conditions_size), trust_input=trust_input
+    )
     parameters = common.read_mapping(
         file_obj,
         deserializer=value.loads_value,
@@ -189,7 +199,7 @@ def _read_symbolic_pulse(file_obj, version):
         raise NotImplementedError(f"Unknown class '{class_name}'")
 
 
-def _read_symbolic_pulse_v6(file_obj, version, use_symengine):
+def _read_symbolic_pulse_v6(file_obj, version, use_symengine, trust_input=False):
     make = formats.SYMBOLIC_PULSE_V2._make
     pack = formats.SYMBOLIC_PULSE_PACK_V2
     size = formats.SYMBOLIC_PULSE_SIZE_V2
@@ -202,10 +212,14 @@ def _read_symbolic_pulse_v6(file_obj, version, use_symengine):
     )
     class_name = file_obj.read(header.class_name_size).decode(common.ENCODE)
     pulse_type = file_obj.read(header.type_size).decode(common.ENCODE)
-    envelope = _loads_symbolic_expr(file_obj.read(header.envelope_size), use_symengine)
-    constraints = _loads_symbolic_expr(file_obj.read(header.constraints_size), use_symengine)
+    envelope = _loads_symbolic_expr(
+        file_obj.read(header.envelope_size), use_symengine, trust_input=trust_input
+    )
+    constraints = _loads_symbolic_expr(
+        file_obj.read(header.constraints_size), use_symengine, trust_input=trust_input
+    )
     valid_amp_conditions = _loads_symbolic_expr(
-        file_obj.read(header.valid_amp_conditions_size), use_symengine
+        file_obj.read(header.valid_amp_conditions_size), use_symengine, trust_input=trust_input
     )
     parameters = common.read_mapping(
         file_obj,
@@ -277,15 +291,21 @@ def _read_alignment_context(file_obj, version):
 
 
 # pylint: disable=too-many-return-statements
-def _loads_operand(type_key, data_bytes, version, use_symengine):
+def _loads_operand(type_key, data_bytes, version, use_symengine, trust_input=False):
     if type_key == type_keys.ScheduleOperand.WAVEFORM:
         return common.data_from_binary(data_bytes, _read_waveform, version=version)
     if type_key == type_keys.ScheduleOperand.SYMBOLIC_PULSE:
         if version < 6:
-            return common.data_from_binary(data_bytes, _read_symbolic_pulse, version=version)
+            return common.data_from_binary(
+                data_bytes, _read_symbolic_pulse, version=version, trust_input=trust_input
+            )
         else:
             return common.data_from_binary(
-                data_bytes, _read_symbolic_pulse_v6, version=version, use_symengine=use_symengine
+                data_bytes,
+                _read_symbolic_pulse_v6,
+                version=version,
+                use_symengine=use_symengine,
+                trust_input=trust_input,
             )
     if type_key == type_keys.ScheduleOperand.CHANNEL:
         return common.data_from_binary(data_bytes, _read_channel, version=version)
@@ -307,14 +327,20 @@ def _loads_operand(type_key, data_bytes, version, use_symengine):
     return value.loads_value(type_key, data_bytes, version, {})
 
 
-def _read_element(file_obj, version, metadata_deserializer, use_symengine):
+def _read_element(file_obj, version, metadata_deserializer, use_symengine, trust_input=False):
     type_key = common.read_type_key(file_obj)
 
     if type_key == type_keys.Program.SCHEDULE_BLOCK:
-        return read_schedule_block(file_obj, version, metadata_deserializer, use_symengine)
+        return read_schedule_block(
+            file_obj, version, metadata_deserializer, use_symengine, trust_input=trust_input
+        )
 
     operands = common.read_sequence(
-        file_obj, deserializer=_loads_operand, version=version, use_symengine=use_symengine
+        file_obj,
+        deserializer=_loads_operand,
+        version=version,
+        use_symengine=use_symengine,
+        trust_input=trust_input,
     )
     name = value.read_value(file_obj, version, {})
 
@@ -326,7 +352,7 @@ def _read_element(file_obj, version, metadata_deserializer, use_symengine):
     return instance
 
 
-def _loads_reference_item(type_key, data_bytes, metadata_deserializer, version):
+def _loads_reference_item(type_key, data_bytes, metadata_deserializer, version, trust_input=False):
     if type_key == type_keys.Value.NULL:
         return None
     if type_key == type_keys.Program.SCHEDULE_BLOCK:
@@ -335,6 +361,7 @@ def _loads_reference_item(type_key, data_bytes, metadata_deserializer, version):
             deserializer=read_schedule_block,
             version=version,
             metadata_deserializer=metadata_deserializer,
+            trust_input=trust_input,
         )
 
     raise QpyError(
@@ -408,6 +435,9 @@ def _dumps_symbolic_expr(expr, use_symengine):
     else:
         from sympy import srepr, sympify
 
+        if not isinstance(expr, sym.Basic):
+            raise QiskitError("Invalid ParameterExpression")
+
         expr_bytes = srepr(sympify(expr)).encode(common.ENCODE)
     return zlib.compress(expr_bytes)
 
@@ -512,7 +542,9 @@ def _dumps_reference_item(schedule, metadata_serializer, version):
 
 
 @ignore_pulse_deprecation_warnings
-def read_schedule_block(file_obj, version, metadata_deserializer=None, use_symengine=False):
+def read_schedule_block(
+    file_obj, version, metadata_deserializer=None, use_symengine=False, trust_input=False
+):
     """Read a single ScheduleBlock from the file like object.
 
     Args:
@@ -529,6 +561,14 @@ def read_schedule_block(file_obj, version, metadata_deserializer=None, use_symen
             native mechanism. This is a faster serialization alternative, but not supported in all
             platforms. Please check that your target platform is supported by the symengine library
             before setting this option, as it will be required by qpy to deserialize the payload.
+        trust_input (bool): if set to ``False`` (the default),
+            :class:`.ScheduleBlock` objects in the payload that were
+            serialized using ``sympy`` are not allowed and will error. This
+            is because the ``sympy`` parsing uses :func:`eval`, which
+            can allow for arbitrary code execution.
+            The flag should only be set
+            to ``True`` if you trust the QPY payload you are loading.
+
     Returns:
         ScheduleBlock: The schedule block object from the file.
 
@@ -556,7 +596,9 @@ def read_schedule_block(file_obj, version, metadata_deserializer=None, use_symen
         alignment_context=context,
     )
     for _ in range(data.num_elements):
-        block_elm = _read_element(file_obj, version, metadata_deserializer, use_symengine)
+        block_elm = _read_element(
+            file_obj, version, metadata_deserializer, use_symengine, trust_input=trust_input
+        )
         block.append(block_elm, inplace=True)
 
     # Load references
@@ -566,6 +608,7 @@ def read_schedule_block(file_obj, version, metadata_deserializer=None, use_symen
             deserializer=_loads_reference_item,
             version=version,
             metadata_deserializer=metadata_deserializer,
+            trust_input=trust_input,
         )
         ref_dict = {}
         for key_str, schedule in flat_key_refdict.items():

qiskit/qpy/binary_io/value.py

@@ -34,6 +34,7 @@ from qiskit.circuit.parameterexpression import (
 )
 from qiskit.circuit.parametervector import ParameterVector, ParameterVectorElement
 from qiskit.qpy import common, formats, exceptions, type_keys
+from qiskit.qpy.binary_io.parse_sympy_repr import parse_sympy_repr
 
 
 def _write_parameter(file_obj, obj):
@@ -171,6 +172,9 @@ def _write_parameter_expression(file_obj, obj, use_symengine, *, version):
         else:
             from sympy import srepr, sympify
 
+            if not isinstance(obj._symbol_expr, symengine.Basic):
+                raise exceptions.QpyError("Invalid ParameterExpression")
+
             expr_bytes = srepr(sympify(obj._symbol_expr)).encode(common.ENCODE)
     else:
         with io.BytesIO() as buf:
@@ -419,9 +423,9 @@ def _read_parameter_expression(file_obj):
     data = formats.PARAMETER_EXPR(
         *struct.unpack(formats.PARAMETER_EXPR_PACK, file_obj.read(formats.PARAMETER_EXPR_SIZE))
     )
-    from sympy.parsing.sympy_parser import parse_expr
 
-    expr_ = symengine.sympify(parse_expr(file_obj.read(data.expr_size).decode(common.ENCODE)))
+    sympy_str = file_obj.read(data.expr_size).decode(common.ENCODE)
+    expr_ = symengine.sympify(parse_sympy_repr(sympy_str))
     symbol_map = {}
     for _ in range(data.map_elements):
         elem_data = formats.PARAM_EXPR_MAP_ELEM(
@@ -460,9 +464,8 @@ def _read_parameter_expression_v3(file_obj, vectors, use_symengine):
     if use_symengine:
         expr_ = common.load_symengine_payload(payload)
     else:
-        from sympy.parsing.sympy_parser import parse_expr
-
-        expr_ = symengine.sympify(parse_expr(payload.decode(common.ENCODE)))
+        sympy_str = payload.decode(common.ENCODE)
+        expr_ = symengine.sympify(parse_sympy_repr(sympy_str))
 
     symbol_map = {}
     for _ in range(data.map_elements):

qiskit/qpy/interface.py

@@ -238,6 +238,7 @@ def dump(
 def load(
     file_obj: BinaryIO,
     metadata_deserializer: Optional[Type[JSONDecoder]] = None,
+    trust_payload: bool = False,
 ) -> List[QPY_SUPPORTED_TYPES]:
     """Load a QPY binary file
 
@@ -277,6 +278,18 @@ def load(
             If this is not specified the circuit metadata will
             be parsed as JSON with the stdlib ``json.load()`` function using
             the default ``JSONDecoder`` class.
+        trust_payload: if set to ``False`` (the default),
+            :class:`.ScheduleBlock` objects in the payload that were
+            serialized using ``sympy`` are not allowed and will error. This
+            is because the ``sympy`` parsing uses :func:`eval`, which
+            can allow for arbitrary code execution.
+            The flag should only be set
+            to ``True`` if you trust the QPY payload you are loading.
+
+    .. warning::
+
+        If ``trust_payload`` is set to ``True`` this can enable arbitrary
+        code execution because internally ``sympy`` relies on :func:`eval`.
 
     Returns:
         The list of Qiskit programs contained in the QPY data.
@@ -344,6 +357,11 @@ def load(
     else:
         type_key = common.read_type_key(file_obj)
 
+    if data.qpy_version < 10:
+        use_symengine = False
+    else:
+        use_symengine = data.symbolic_encoding == type_keys.SymExprEncoding.SYMENGINE
+
     if type_key == type_keys.Program.CIRCUIT:
         loader = binary_io.read_circuit
     elif type_key == type_keys.Program.SCHEDULE_BLOCK:
@@ -359,11 +377,6 @@ def load(
     else:
         raise TypeError(f"Invalid payload format data kind '{type_key}'.")
 
-    if data.qpy_version < 10:
-        use_symengine = False
-    else:
-        use_symengine = data.symbolic_encoding == type_keys.SymExprEncoding.SYMENGINE
-
     programs = []
     for _ in range(data.num_programs):
         programs.append(
@@ -372,6 +385,7 @@ def load(
                 data.qpy_version,
                 metadata_deserializer=metadata_deserializer,
                 use_symengine=use_symengine,
+                trust_input=trust_payload,
             )
         )
     return programs

qiskit/synthesis/discrete_basis/generate_basis_approximations.py

@@ -37,6 +37,8 @@ _1q_inverses = {
     "tdg": "t",
     "s": "sdg",
     "sdg": "s",
+    "sx": "sxdg",
+    "sxdg": "sx",
 }
 
 _1q_gates = {

qiskit/transpiler/passes/optimization/template_matching/template_substitution.py

@@ -495,7 +495,6 @@ class TemplateSubstitution:
                 parameter constraints, returns None.
         """
         import sympy as sym
-        from sympy.parsing.sympy_parser import parse_expr
 
         if _optionals.HAS_SYMENGINE:
             import symengine
@@ -571,7 +570,8 @@ class TemplateSubstitution:
                 if isinstance(circuit_param, ParameterExpression):
                     circ_param_sym = circuit_param.sympify()
                 else:
-                    circ_param_sym = parse_expr(str(circuit_param))
+                    # if it's not a ParameterExpression we're a float
+                    circ_param_sym = sym.Float(circuit_param)
                 equations.append(sym.Eq(template_param.sympify(), circ_param_sym))
 
                 for param in template_param.parameters:

{qiskit-1.4.1.dist-info → qiskit-1.4.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: qiskit
-Version: 1.4.1
+Version: 1.4.2
 Summary: An open-source SDK for working with quantum computers at the level of extended quantum circuits, operators, and primitives.
 Author-email: Qiskit Development Team <qiskit@us.ibm.com>
 License: Apache 2.0