Defined JSON booleans in global context for python eval()

We define 'false' and 'true' as variables so that python eval() recognizes them as False and True.

This fixes #14291.
pull/14404/head
Dag Wieers 9 years ago committed by Brian Coca
parent 8ca8459af5
commit 53559433ef

@ -41,6 +41,13 @@ def safe_eval(expr, locals={}, include_exceptions=False):
http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe
''' '''
# define certain JSON types
# eg. JSON booleans are unknown to python eval()
JSON_TYPES = {
'false': False,
'true': True,
}
# this is the whitelist of AST nodes we are going to # this is the whitelist of AST nodes we are going to
# allow in the evaluation. Any node type other than # allow in the evaluation. Any node type other than
# those listed here will raise an exception in our custom # those listed here will raise an exception in our custom
@ -116,7 +123,7 @@ def safe_eval(expr, locals={}, include_exceptions=False):
parsed_tree = ast.parse(expr, mode='eval') parsed_tree = ast.parse(expr, mode='eval')
cnv.visit(parsed_tree) cnv.visit(parsed_tree)
compiled = compile(parsed_tree, expr, 'eval') compiled = compile(parsed_tree, expr, 'eval')
result = eval(compiled, {}, dict(locals)) result = eval(compiled, JSON_TYPES, dict(locals))
if include_exceptions: if include_exceptions:
return (result, None) return (result, None)

Loading…
Cancel
Save