[docs] [issue32758] Stack overflow when parse long expression to AST
report at bugs.python.org
Fri Mar 9 16:19:56 EST 2018
Serhiy Storchaka <storchaka+cpython at gmail.com> added the comment:
I think we can ignore the inspect module. It is unlikely that it will cause a crash unintentionally, and it is hard to use this for attacks. The attacker needs to create an extension function with malicious __text_signature__, but if he is able to execute arbitrary binary code, there is a much larger problem.
And perhaps there is no need to repeat the warning for exec() and eval(). They are considered more dangerous than compile().
Python tracker <report at bugs.python.org>
More information about the docs