Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 2ef5caa

Browse filesBrowse files
serhiy-storchakaserhiy-storchaka
authored
bpo-41944: No longer call eval() on content received via HTTP in the CJK codec tests (pythonGH-22566)
1 parent 91e3339 commit 2ef5caa
Copy full SHA for 2ef5caa

File tree

2 files changed

+9
-14
lines changed
Filter options

2 files changed

+9
-14
lines changed

‎Lib/test/multibytecodec_support.py

Copy file name to clipboardExpand all lines: Lib/test/multibytecodec_support.py
+8-14Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -305,29 +305,23 @@ def test_mapping_file(self):
305305
self._test_mapping_file_plain()
306306

307307
def _test_mapping_file_plain(self):
308-
unichrs = lambda s: ''.join(map(chr, map(eval, s.split('+'))))
308+
def unichrs(s):
309+
return ''.join(chr(int(x, 16)) for x in s.split('+'))
310+
309311
urt_wa = {}
310312

311313
with self.open_mapping_file() as f:
312314
for line in f:
313315
if not line:
314316
break
315-
data = line.split('#')[0].strip().split()
317+
data = line.split('#')[0].split()
316318
if len(data) != 2:
317319
continue
318320

319-
csetval = eval(data[0])
320-
if csetval <= 0x7F:
321-
csetch = bytes([csetval & 0xff])
322-
elif csetval >= 0x1000000:
323-
csetch = bytes([(csetval >> 24), ((csetval >> 16) & 0xff),
324-
((csetval >> 8) & 0xff), (csetval & 0xff)])
325-
elif csetval >= 0x10000:
326-
csetch = bytes([(csetval >> 16), ((csetval >> 8) & 0xff),
327-
(csetval & 0xff)])
328-
elif csetval >= 0x100:
329-
csetch = bytes([(csetval >> 8), (csetval & 0xff)])
330-
else:
321+
if data[0][:2] != '0x':
322+
self.fail(f"Invalid line: {line!r}")
323+
csetch = bytes.fromhex(data[0][2:])
324+
if len(csetch) == 1 and 0x80 <= csetch[0]:
331325
continue
332326

333327
unich = unichrs(data[1])

‎Misc/NEWS.d/next/Tests/2020-10-05-17-43-46.bpo-41944.rf1dYb.rst

Copy file name to clipboard
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Tests for CJK codecs no longer call ``eval()`` on content received via HTTP.

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.