Memory leak ??

Kim Petersen kp at kyborg.dk
Fri Jul 11 01:15:55 CEST 2003


A.M. Kuchling wrote:
> On Thu, 10 Jul 2003 14:34:05 +0200, 
> 	Kim Petersen <kp at kyborg.dk> wrote:
> 
>>Using python-2.2.2-26 on RH9 (shrike) x86 -fully patched
>>
>>The following program slowly eats up more and more memory when run on
>>large datasets... can anyone tell what the trouble is?
> 
> 
> Your code uses eval(), which is pretty heavyweight because it has to
> tokenize, parse, and then evaluate the string.

I know - but speed is not an issue in this (at least not for the moment).

> There have been a few memory
> leaks in eval(), and perhaps you're running into one of them.  Try using
> int() or float() to convert strings to numbers instead of eval.  As a bonus,
> your program will be faster and much more secure (could an attacker tweak 
> your logfiles so you end up eval()ing os.unlink('/etc/passwd')?).

Not likely - this file is error-output from a database population 
program - and the thing being eval'led is actually the python tuple that 
made the error occur - what my program essentially should do - is take 
that output - analyze it - fix the errors - and then put it into the 
database.

But thanks, for the tip - i'll try and wrap up a parser for this instead 
then. (personally i had my suspecion on the generator - but thats prolly 
because i'm still thinking 1.5.2 ;-))
> 
> In general, using eval() is almost always a mistake; few programs need to 
> take arbitrary expressions as input.

I agree completely - i've personally used eval something like 3 times 
totally in the time i've programmed python (5 years or so) - and in all 
cases it has been places where the input were secure.

> 
> --amk





More information about the Python-list mailing list