bpo-41944: No longer call eval() on content received via HTTP in the … · python/cpython@43e5231 (original) (raw)
`@@ -305,29 +305,23 @@ def test_mapping_file(self):
`
305
305
`self._test_mapping_file_plain()
`
306
306
``
307
307
`def _test_mapping_file_plain(self):
`
308
``
`-
unichrs = lambda s: ''.join(map(chr, map(eval, s.split('+'))))
`
``
308
`+
def unichrs(s):
`
``
309
`+
return ''.join(chr(int(x, 16)) for x in s.split('+'))
`
``
310
+
309
311
`urt_wa = {}
`
310
312
``
311
313
`with self.open_mapping_file() as f:
`
312
314
`for line in f:
`
313
315
`if not line:
`
314
316
`break
`
315
``
`-
data = line.split('#')[0].strip().split()
`
``
317
`+
data = line.split('#')[0].split()
`
316
318
`if len(data) != 2:
`
317
319
`continue
`
318
320
``
319
``
`-
csetval = eval(data[0])
`
320
``
`-
if csetval <= 0x7F:
`
321
``
`-
csetch = bytes([csetval & 0xff])
`
322
``
`-
elif csetval >= 0x1000000:
`
323
``
`-
csetch = bytes([(csetval >> 24), ((csetval >> 16) & 0xff),
`
324
``
`-
((csetval >> 8) & 0xff), (csetval & 0xff)])
`
325
``
`-
elif csetval >= 0x10000:
`
326
``
`-
csetch = bytes([(csetval >> 16), ((csetval >> 8) & 0xff),
`
327
``
`-
(csetval & 0xff)])
`
328
``
`-
elif csetval >= 0x100:
`
329
``
`-
csetch = bytes([(csetval >> 8), (csetval & 0xff)])
`
330
``
`-
else:
`
``
321
`+
if data[0][:2] != '0x':
`
``
322
`+
self.fail(f"Invalid line: {line!r}")
`
``
323
`+
csetch = bytes.fromhex(data[0][2:])
`
``
324
`+
if len(csetch) == 1 and 0x80 <= csetch[0]:
`
331
325
`continue
`
332
326
``
333
327
`unich = unichrs(data[1])
`