Is this a safe use of eval?
nobody at nowhere.com
Fri Feb 25 06:15:27 CET 2011
On Thu, 24 Feb 2011 15:24:51 +0200, Frank Millman wrote:
> Thanks, Christian. I had a look at that recipe, but I must say that Paul's
> suggestion is much simpler -
> from ast import literal_eval
> method_name = 'calc_area'
> args = literal_eval('(100,200)')
> result = getattr(my_inst, method_name)(*args)
> In my case the arguments are all strings or integers, so it looks as if this
> approach should be safe. Do you see any problem with it?
Only that you may need a fairly recent version of the ast module; the
first attempt at literal_eval was a bit too ... literal, e.g. it couldn't
handle negative numbers (Python doesn't have negative integer literals;
evaluating "-10" applies the negation operator to the integer 10).
More information about the Python-list