summaryrefslogtreecommitdiffstats
path: root/Lib/string.py
diff options
context:
space:
mode:
authorGuido van Rossum <guido@python.org>1997-12-10 22:59:55 (GMT)
committerGuido van Rossum <guido@python.org>1997-12-10 22:59:55 (GMT)
commitd0753e20b256057a6320e95e43974f053f4123f1 (patch)
tree16b8823424a3726cbcd52b7f68f47318599c2631 /Lib/string.py
parent90d62ab0a175b8f3451ee74f29d5de83650e2292 (diff)
downloadcpython-d0753e20b256057a6320e95e43974f053f4123f1.zip
cpython-d0753e20b256057a6320e95e43974f053f4123f1.tar.gz
cpython-d0753e20b256057a6320e95e43974f053f4123f1.tar.bz2
At Barry's suggestion, plug the security leak by using an empty
__builtins__ for all calls to eval(). This still allows someone to write string.atof("[1]*1000000") (which Jim Fulton worries about) but effectively disables access to system modules and functions.
Diffstat (limited to 'Lib/string.py')
-rw-r--r--Lib/string.py9
1 files changed, 6 insertions, 3 deletions
diff --git a/Lib/string.py b/Lib/string.py
index 8c64952..c0f5147 100644
--- a/Lib/string.py
+++ b/Lib/string.py
@@ -198,6 +198,9 @@ def rfind(s, sub, i = 0, last=None):
i = i+1
return r
+# "Safe" environment for eval()
+safe_env = {"__builtins__": {}}
+
# Convert string to float
re = None
def atof(str):
@@ -219,7 +222,7 @@ def atof(str):
if re and not re.match('[0-9]*(\.[0-9]*)?([eE][-+]?[0-9]+)?$', s):
raise ValueError, 'non-float argument to string.atof'
try:
- return float(eval(sign + s, {}))
+ return float(eval(sign + s, safe_env))
except SyntaxError:
raise ValueError, 'non-float argument to string.atof'
@@ -239,7 +242,7 @@ def atoi(str, base=10):
for c in s:
if c not in digits:
raise ValueError, 'non-integer argument to string.atoi'
- return eval(sign + s)
+ return eval(sign + s, safe_env)
# Convert string to long integer
def atol(str, base=10):
@@ -257,7 +260,7 @@ def atol(str, base=10):
for c in s:
if c not in digits:
raise ValueError, 'non-integer argument to string.atol'
- return eval(sign + s + 'L')
+ return eval(sign + s + 'L', safe_env)
# Left-justify a string
def ljust(s, width):