[issue39956] Numeric Literals vs string "1_1" on input int() or float() or literal_eval
Serhiy Storchaka
report at bugs.python.org
Fri Mar 13 14:29:31 EDT 2020
Serhiy Storchaka <storchaka+cpython at gmail.com> added the comment:
You can validate the input before using it.
if '_' in s: raise ValueError
or
if not re.fullmatch('[0-9]+', s): raise ValueError
Do you want to accept "۱۲۳۴" or " 12 "? If not then validate the input before using int().
Also, do not use ast.literal_eval() with untrusted input without validation. It is not a "safe eval" and may even crash the interpreter.
----------
nosy: +serhiy.storchaka
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue39956>
_______________________________________
More information about the Python-bugs-list
mailing list