Newbie Question
BranoZ
zarnovican at gmail.com
Fri Aug 19 11:38:56 EDT 2005
Michael.Coll-Barth at VerizonWireless.com wrote:
> >>> x = '22,44,66,88,"asd,asd","23,43,55"'
> >>> y = eval(x)
> >>> y
> (22, 44, 66, 88, 'asd,asd', '23,43,55')
>
> And now, a question for the experts.
I'm no expert, just experienced.
> Does anyone have a pointer as to why my code might be
> dangerous?
Well, the smallest problem you have here is that you will
get an SyntaxError exception on badly formated input.
x = 'z,22,44,66,88,"asd,asd","23,43,55"'
eval(x)
NameError: name 'z' is not defined
In worse case, somebody will send you a carefuly formated
input that you will run blindy (just like in case of buffer
overflows).
CSV is easy with the module..
import csv
cr = csv.reader((x,))
print cr.next()
['z', '22', '44', '66', '88', 'asd,asd', '23,43,55']
Usually, you will use the csv module, like this:
import csv, sys
for line in csv.reader(sys.stdin):
# print line[3]
BranoZ
More information about the Python-list
mailing list