Do not run this code.
Dave Farrance
DaveFarrance at OMiTTHiSyahooANDTHiS.co.uk
Thu Mar 5 02:39:22 EST 2015
Ben Finney <ben+python at benfinney.id.au> wrote:
>Chris Angelico <rosuav at gmail.com> writes:
>
>> import base64; exec(…)
>
>That's all I need to know. Code with ‘exec()’ calls, I consider unsafe
>by default.
Indeed. replacing exec with print...
>>> print(base64.b64decode(b"eD0neD0lcjsgZXhlYyh4JSV4KSc7IGV4ZWMoeCV4KQ=="))
x='x=%r; exec(x%%x)'; exec(x%x)
so, discarding that second exec...
>>> x='x=%r; exec(x%%x)'
>>> print(x)
x=%r; exec(x%%x)
So it recurses, and if that second exec had been left in then it would be
a fork bomb.
More information about the Python-list
mailing list