Usage of ast.
Jon Ribbens
jon+usenet at unequivocal.eu
Mon Feb 27 09:18:29 EST 2017
More information about the Python-list mailing list
Mon Feb 27 09:18:29 EST 2017
- Previous message (by thread): Usage of ast.
- Next message (by thread): Usage of ast.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2017-02-27, Vincent Vande Vyvre <vincent.vande.vyvre at telenet.be> wrote: > Le 27/02/17 à 14:09, Chris Angelico a écrit : >> The message is a little confusing, but the error comes from the fact >> that literal_eval permits a very few legal operations, and calling a >> function isn't one of them. So when you try to evaluate the "literal" >> that you've given it, you get back an error saying that a Call is >> 'malformed'. More accurate would be to say that it's not permitted. > > OK, it's coherent with the secure execution. "execution" isn't really the right way to describe literal_eval(). It isn't an code executor or even an expression evaluator, all it does is turns a Python literal in source form into the value that source represents. You can't do literal_eval("2*3") for example, because that's an expression not a literal. The only reason you can do literal_eval("2+3") (in Python>=3.2) is because of a side effect of the fact that complex number literals are, well, complex ("2+3j"), and the support for +/- wasn't restricted to complex literals only.
- Previous message (by thread): Usage of ast.
- Next message (by thread): Usage of ast.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list