Aahz wrote:
In article <[EMAIL PROTECTED]>,
Simon Forman <[EMAIL PROTECTED]> wrote:
FWIW, I got around to implementing a function that checks if a string
is safe to evaluate (that it consists only of numbers, operators, and
"(" and ")"). Here it is. :)
What's safe about "1000 ** 1000
In article <[EMAIL PROTECTED]>,
Simon Forman <[EMAIL PROTECTED]> wrote:
>
>FWIW, I got around to implementing a function that checks if a string
>is safe to evaluate (that it consists only of numbers, operators, and
>"(" and ")"). Here it is. :)
What's safe about "1000 ** 1000"?
--
Aahz
On Jun 16, 8:32 pm, bvdp <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > On Jun 17, 8:02 am, bvdp <[EMAIL PROTECTED]> wrote:
>
> >> Thanks. That was easy :)
>
> >>> The change to the _ast version is left as an exercise to the reader ;)
> >> And I have absolutely no idea on how to do this.
[EMAIL PROTECTED] wrote:
On Jun 17, 8:02 am, bvdp <[EMAIL PROTECTED]> wrote:
Thanks. That was easy :)
The change to the _ast version is left as an exercise to the reader ;)
And I have absolutely no idea on how to do this. I can't even find the
_ast import file on my system. I'm assuming that
On Jun 17, 8:02 am, bvdp <[EMAIL PROTECTED]> wrote:
> Thanks. That was easy :)
>
> > The change to the _ast version is left as an exercise to the reader ;)
>
> And I have absolutely no idea on how to do this. I can't even find the
> _ast import file on my system. I'm assuming that the _ast definit
George Sakkis wrote:
On Jun 16, 4:47 pm, bvdp <[EMAIL PROTECTED]> wrote:
2. I thought I'd be happy with * / + -, etc. Of course now I want to add
a few more funcs like int() and sin(). How would I do that?
For the builtin eval, just populate the globals dict with the names
you want to make av
On Jun 16, 4:47 pm, bvdp <[EMAIL PROTECTED]> wrote:
> 2. I thought I'd be happy with * / + -, etc. Of course now I want to add
> a few more funcs like int() and sin(). How would I do that?
For the builtin eval, just populate the globals dict with the names
you want to make available:
import math
Okay guys. I have the _ast based safe eval installed and working in my
program. It appears to be working just fine. Thanks for the help.
Now, a few more questions:
1. I see that _ast is a 2.5 module?? So, for folks using my code with
<2.5 I could do something like this:
# I've got some imp
George Sakkis wrote:
You probably missed the point in the posted examples. A malicious user
doesn't need to modify your program code to have access to far more
than you would hope, just devise an appropriate string s and pass it
to your "safe" eval.
Oppps, I did miss the point. I was assuming
On Jun 12, 1:51 pm, bvdp <[EMAIL PROTECTED]> wrote:
> Matimus wrote:
> > On Jun 11, 9:16 pm, George Sakkis <[EMAIL PROTECTED]> wrote:
> >> On Jun 11, 8:15 pm, bvdp <[EMAIL PROTECTED]> wrote:
>
> >>> Matimus wrote:
> The solution I posted should work and is safe. It may not seem very
> re
Matimus wrote:
On Jun 11, 9:16 pm, George Sakkis <[EMAIL PROTECTED]> wrote:
On Jun 11, 8:15 pm, bvdp <[EMAIL PROTECTED]> wrote:
Matimus wrote:
The solution I posted should work and is safe. It may not seem very
readable, but it is using Pythons internal parser to parse the passed
in string
On Jun 11, 9:16 pm, George Sakkis <[EMAIL PROTECTED]> wrote:
> On Jun 11, 8:15 pm, bvdp <[EMAIL PROTECTED]> wrote:
>
>
>
> > Matimus wrote:
>
> > > The solution I posted should work and is safe. It may not seem very
> > > readable, but it is using Pythons internal parser to parse the passed
> > > i
On 2008-06-12, Hans Nowak <[EMAIL PROTECTED]> wrote:
> bvdp wrote:
>>
>> Is there a simple/safe expression evaluator I can use in a python
>> program. I just want to pass along a string in the form "1 + 44 / 3" or
>> perhaps "1 + (-4.3*5)" and get a numeric result.
>>
>> I can do this with eval
bvdp wrote:
Is there a simple/safe expression evaluator I can use in a python
program. I just want to pass along a string in the form "1 + 44 / 3" or
perhaps "1 + (-4.3*5)" and get a numeric result.
I can do this with eval() but I really don't want to subject my users to
the problems with t
On Jun 11, 8:15 pm, bvdp <[EMAIL PROTECTED]> wrote:
> Matimus wrote:
>
> > The solution I posted should work and is safe. It may not seem very
> > readable, but it is using Pythons internal parser to parse the passed
> > in string into an abstract symbol tree (rather than code). Normally
> > Pytho
On Jun 11, 3:25 pm, bvdp <[EMAIL PROTECTED]> wrote:
> Is there a simple/safe expression evaluator I can use in a python
> program. I just want to pass along a string in the form "1 + 44 / 3" or
> perhaps "1 + (-4.3*5)" and get a numeric result.
>
> I can do this with eval() but I really don't want
Matimus wrote:
The solution I posted should work and is safe. It may not seem very
readable, but it is using Pythons internal parser to parse the passed
in string into an abstract symbol tree (rather than code). Normally
Python would just use the ast internally to create code. Instead I've
writ
On Jun 11, 4:38 pm, bvdp <[EMAIL PROTECTED]> wrote:
> I'm finding my quest for a safe eval() quite frustrating :)
>
> Any comments on this: Just forget about getting python to do this and,
> instead, grab my set of values (from a user supplied text file) and call
> an external program like 'bc' to
I'm finding my quest for a safe eval() quite frustrating :)
Any comments on this: Just forget about getting python to do this and,
instead, grab my set of values (from a user supplied text file) and call
an external program like 'bc' to do the dirty work. I think that this
would avoid someone
Simon Forman wrote:
On Jun 11, 1:25 pm, bvdp <[EMAIL PROTECTED]> wrote:
Is there a simple/safe expression evaluator I can use in a python
program. I just want to pass along a string in the form "1 + 44 / 3" or
perhaps "1 + (-4.3*5)" and get a numeric result.
I can do this with eval() but I real
Matimus wrote:
On Jun 11, 1:25 pm, bvdp <[EMAIL PROTECTED]> wrote:
Is there a simple/safe expression evaluator I can use in a python
program. I just want to pass along a string in the form "1 + 44 / 3" or
perhaps "1 + (-4.3*5)" and get a numeric result.
I can do this with eval() but I really do
On Jun 11, 1:25 pm, bvdp <[EMAIL PROTECTED]> wrote:
> Is there a simple/safe expression evaluator I can use in a python
> program. I just want to pass along a string in the form "1 + 44 / 3" or
> perhaps "1 + (-4.3*5)" and get a numeric result.
>
> I can do this with eval() but I really don't want
On Jun 11, 1:25 pm, bvdp <[EMAIL PROTECTED]> wrote:
> Is there a simple/safe expression evaluator I can use in a python
> program. I just want to pass along a string in the form "1 + 44 / 3" or
> perhaps "1 + (-4.3*5)" and get a numeric result.
>
> I can do this with eval() but I really don't want
Is there a simple/safe expression evaluator I can use in a python
program. I just want to pass along a string in the form "1 + 44 / 3" or
perhaps "1 + (-4.3*5)" and get a numeric result.
I can do this with eval() but I really don't want to subject my users to
the problems with that method.
24 matches
Mail list logo
