| author | Guido van Rossum <guido@python.org> | 1997-12-10 22:35:02 +0000 | 
|---|---|---|
| committer | Guido van Rossum <guido@python.org> | 1997-12-10 22:35:02 +0000 | 
| commit | 90d62ab0a175b8f3451ee74f29d5de83650e2292 (patch) | |
| tree | 9791fc43c2a1f401cf44ca56cf8aaff435d91b87 /Lib/stringold.py | |
| parent | e680546894ae6e5dffe8b6f6a6a17a56301033ae (diff) | |
| download | cpython-git-90d62ab0a175b8f3451ee74f29d5de83650e2292.tar.gz | |
Since this module is used as a fallback in case no built-in modules
have been configured, string.atof() should not fail when "import re"
fails (usually because pcre is not there).
This opens up a tiny security hole: *if* an attacker can make "import
re" fail, they can also make string.atof(arbitrary_string) evaluate
the arbitrary string.  Nothing to keep me awake at night...
Diffstat (limited to 'Lib/stringold.py')
| -rw-r--r-- | Lib/stringold.py | 10 | 
1 files changed, 7 insertions, 3 deletions
diff --git a/Lib/stringold.py b/Lib/stringold.py
index 2139a75fb6..8c649526d1 100644
--- a/Lib/stringold.py
+++ b/Lib/stringold.py
@@ -203,7 +203,11 @@ re = None
 def atof(str):
 	global re
 	if re is None:
-		import re
+		# Don't fail if re doesn't exist -- just skip the syntax check
+		try:
+			import re
+		except ImportError:
+			re = 0
 	sign = ''
 	s = strip(str)
 	if s and s[0] in '+-':
@@ -212,10 +216,10 @@ def atof(str):
 	if not s:
 		raise ValueError, 'non-float argument to string.atof'
 	while s[0] == '0' and len(s) > 1 and s[1] in digits: s = s[1:]
-	if not re.match('[0-9]*(\.[0-9]*)?([eE][-+]?[0-9]+)?$', s):
+	if re and not re.match('[0-9]*(\.[0-9]*)?([eE][-+]?[0-9]+)?$', s):
 		raise ValueError, 'non-float argument to string.atof'
 	try:
-		return float(eval(sign + s))
+		return float(eval(sign + s, {}))
 	except SyntaxError:
 		raise ValueError, 'non-float argument to string.atof'
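Review bot: Passing `{}` as the globals of `eval()` on the second hunk's `return float(eval(sign + s, {}))` line does not restrict what the string can do, because CPython inserts `__builtins__` into an empty globals dict; so once the `re` import has failed (the `re = 0` fallback added in the first hunk) the regex check is skipped and unvalidated input reaches an effectively unrestricted `eval`. The grammar the regex admits (`[0-9]*(\.[0-9]*)?([eE][-+]?[0-9]+)?`) is a subset of what the builtin `float()` parses, so on an interpreter whose `float()` accepts strings the `eval` can be dropped outright: `return float(sign + s)` with `except ValueError:` in place of `except SyntaxError:` (malformed text already raises ValueError from `float()`), which closes the hole the description mentions instead of narrowing it. If the builtin cannot take strings on the interpreters this fallback targets, a comment on the `re = 0` line stating that the unchecked path evaluates the input as Python source would at least keep that trade-off visible to the next reader. The second hunk's header counts 10 old-side lines but only 9 are visible, so its final context line appears to be cut off at the edge of the page.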
