From 13a25fb8e654c181843b99d3121bbf5af5bbd0f3 Mon Sep 17 00:00:00 2001 From: Tim Peters Date: Tue, 28 Jan 2003 16:42:22 +0000 Subject: _is_string_secure(): This method is no longer used; removed it. (It was used before string-escape codecs were added to the core.) --- Lib/pickle.py | 37 ------------------------------------- 1 file changed, 37 deletions(-) diff --git a/Lib/pickle.py b/Lib/pickle.py index 5a8bfea..c29f2f8 100644 --- a/Lib/pickle.py +++ b/Lib/pickle.py @@ -845,43 +845,6 @@ class Unpickler: self.append(rep.decode("string-escape")) dispatch[STRING] = load_string - def _is_string_secure(self, s): - """Return true if s contains a string that is safe to eval - - The definition of secure string is based on the implementation - in cPickle. s is secure as long as it only contains a quoted - string and optional trailing whitespace. - """ - q = s[0] - if q not in ("'", '"'): - return 0 - # find the closing quote - offset = 1 - i = None - while 1: - try: - i = s.index(q, offset) - except ValueError: - # if there is an error the first time, there is no - # close quote - if offset == 1: - return 0 - if s[i-1] != '\\': - break - # check to see if this one is escaped - nslash = 0 - j = i - 1 - while j >= offset and s[j] == '\\': - j = j - 1 - nslash = nslash + 1 - if nslash % 2 == 0: - break - offset = i + 1 - for c in s[i+1:]: - if ord(c) > 32: - return 0 - return 1 - def load_binstring(self): len = mloads('i' + self.read(4)) self.append(self.read(len)) -- cgit v0.12