Parsing strings (\n and \\)
Simo Salminen
look at sig.invalid
Wed Jun 26 01:15:27 EDT 2002
* Fredrik Lundh [Tue, 25 Jun 2002 16:01:21 GMT]
> François Pinard wrote:
>
>> A simple avenue is to get Python itself to evaluate the string as a constant
>> (you ensure this by removing evaluation context). Something like this:
>>
>> PARSED = eval(UNPARSED, {}, {})
>
>>>> UNPARSED = "__import__('os').system('echo dream on!')"
>>>> PARSED = eval(UNPARSED, {}, {})
> dream on!
>
safe(?) version:
>>> PARSED = eval(UNPARSED, {"__builtins__":None}, {})
Traceback (most recent call last):
File "<interactive input>", line 1, in ?
File "<string>", line 0, in ?
NameError: name '__import__' is not defined
--
simo <dot> salminen <at> iki <dot> fi
More information about the Python-list
mailing list