how to iterate over sequence and non-sequence ?
Steven D'Aprano
steve at REMOVE-THIS-cybersource.com.au
Fri Oct 19 11:13:17 EDT 2007
On Fri, 19 Oct 2007 16:19:32 +0200, stef wrote:
> Well I'm not collecting data, I'm collecting pointers to data.
I beg to differ, you're collecting data. How that data is to be
interpreted (a string, a number, a pointer...) is a separate issue.
> This
> program simulates a user written program in JAL. As Python doesn't
> support pointers, instead I collect names.
This doesn't make any sense to me. If your user-written program is
supplying pointers (that is, memory addresses like 0x15A8), how do you
get a name from the memory address?
If you are trying to emulate pointer-manipulation, then the usual way to
simulate a pointer is with an integer offset into an array:
# initialise your memory space to all zeroes:
memory = [chr(0)]*1024*64 # 64K of memory space, enough for anyone
NULL = 0
pointer = 45
memory[pointer:pointer + 5] = 'HELLO'
pointer += 6
memory[pointer:pointer + 5] = 'WORLD'
> The names are derived from an
> analysis of the user program under test, so the danger some of you are
> referring to, is not there, or at least is not that simple.
What about accidental clashes between your program's names and the names
you are collecting? Are you sure there are no corner cases where
something you pass to exec can interact badly with your code?
The thing is, exec is stomping through your program's namespace with
great big steel-capped boots, crushing anything that gets in the way.
Even if it is safe in your specific example, it is still bad practice, or
at least risky practice. Code gets reused, copied, and one day a piece of
code you wrote for the JAL project ends up running on a webserver and now
you have a serious security hole.
(Every security hole ever started off with a programmer thinking "This is
perfectly safe to do".)
But more importantly, what makes you think that exec is going to be
faster and more efficient than the alternatives? By my simple test, I
find exec to be about a hundred times slower than directly executing the
same code:
>>> timeit.Timer("a = 1").timeit()
0.26714611053466797
>>> timeit.Timer("exec s", "s = 'a = 1'").timeit()
25.963317155838013
--
Steven
More information about the Python-list
mailing list