Parsing strings (\n and \\)
Simo Salminen
look at sig.invalid
Wed Jun 26 06:31:55 EDT 2002
* Fredrik Lundh [Wed, 26 Jun 2002 08:10:22 GMT]
> Simo Salminen wrote:
>
>> safe(?) version:
>>
>> >>> PARSED = eval(UNPARSED, {"__builtins__":None}, {})
>> Traceback (most recent call last):
>> File "<interactive input>", line 1, in ?
>> File "<string>", line 0, in ?
>> NameError: name '__import__' is not defined
>
> now try this:
>
> UNPARSED = "'*'*10000000*2*2*2*2*2*2*2*2*2"
>
yes, but if you don't mind it consuming lots of cpu time and memory, its
safe. i'm not saying eval should be used, but if you do, restricting it is
good idea.
--
simo <dot> salminen <at> iki <dot> fi
More information about the Python-list
mailing list