mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-24 10:45:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

gh-95588: Drop the safety claim from ast.literal_eval docs. (#95919)

Browse source 
It was never really safe and this claim conflicts directly with the big warning in the docs about it being able to crash the interpreter.
This commit is contained in:
Gregory P. Smith 2022-10-01 17:55:40 -07:00 committed by GitHub
parent bd7d0e875e
commit 8baef8ae36
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Lib/ast.py
View file

@ -54,10 +54,12 @@ def parse(source, filename='<unknown>', mode='exec', *,
def literal_eval(node_or_string):
"""
Safely evaluate an expression node or a string containing a Python
Evaluate an expression node or a string containing only a Python
expression. The string or node provided may only consist of the following
Python literal structures: strings, bytes, numbers, tuples, lists, dicts,
sets, booleans, and None.
Caution: A complex expression can overflow the C stack and cause a crash.
"""
if isinstance(node_or_string, str):
node_or_string = parse(node_or_string.lstrip(" \t"), mode='eval')