Python-list Digest, Vol 35, Issue 160
Brendon Towle
btowle at carnegielearning.com
Thu Aug 10 09:27:31 EDT 2006
> Date: Thu, 10 Aug 2006 08:51:12 -0400
> From: Brendon Towle <btowle at carnegielearning.com>
> Subject: Re: Eval (was Re: Question about using python as a scripting
> language)
>
>> Date: 9 Aug 2006 14:12:01 -0700
>> From: "Simon Forman" <rogue_pedro at yahoo.com>
>> Subject: Re: Eval (was Re: Question about using python as a scripting
>> language)
>> To: python-list at python.org
>> Message-ID: <1155157921.662196.11210 at 75g2000cwc.googlegroups.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Fredrik Lundh posted a great piece of code to parse a subset of
>> python
>> safely:
>>
>> http://groups.google.ca/group/comp.lang.python/browse_frm/thread/
>> 8e427c5e6da35c/a34397ba74892b4e
>
> This, as it turns out, was the most helpful pointer of them all --
> thanks!
Actually, I spoke too soon. (I should have known better -- always
test first.) But:
>>>import SafeEval as se
>>>se.safeEval('[["AAPL", 35.5, 0.45],["YHOO", 75.68, 0.01]]')
[['AAPL', 35.5, 0.45000000000000001], ['YHOO', 75.680000000000007,
0.01]]
>>>se.safeEval('[["AAPL", 35.5, 0.45],["YHOO", 75.68, -0.01]]')
SyntaxError: malformed expression (-)
Seems that parsing negative numbers is outside of the scope of this
routine. Here's the source (which is Frederik's source with one minor
renaming; I take no credit here); anyone have any ideas?
B.
==== start source ====
import cStringIO, tokenize
def sequence(next, token, end):
out = []
token = next()
while token[1] != end:
out.append(atom(next, token))
token = next()
if token[1] == "," or token[1] == ":":
token = next()
return out
def atom(next, token):
if token[1] == "(":
return tuple(sequence(next, token, ")"))
elif token[1] == "[":
return sequence(next, token, "]")
elif token[1] == "{":
seq = sequence(next, token, "}")
res = {}
for i in range(0, len(seq), 2):
res[seq[i]] = seq[i+1]
return res
elif token[0] in (tokenize.STRING, tokenize.NUMBER):
return eval(token[1]) # safe use of eval!
raise SyntaxError("malformed expression (%s)" % token[1])
def safeEval(source):
src = cStringIO.StringIO(source).readline
src = tokenize.generate_tokens(src)
src = (token for token in src if token[0] is not tokenize.NL)
res = atom(src.next, src.next())
if src.next()[0] is not tokenize.ENDMARKER:
raise SyntaxError("bogus data after expression")
return res
==== end source ====
--
Brendon Towle, PhD
Cognitive Scientist
+1-412-690-2442x127
Carnegie Learning, Inc.
The Cognitive Tutor Company ®
Helping over 375,000 students in 1000 school districts succeed in math.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20060810/b63115c0/attachment.html>
More information about the Python-list
mailing list