Xiang Zhang added the comment: Christian, I think our patches are quite similar in function. They only allow limited tokens.
> I consider it a superior solution and a fix for more generic attacks Mine now still allows **. But it can be easily fixed. But both our patches still translate a C expression to Python and still suffer from nested ternary operator and different semantics between C and Python, e.g. (2==2==2 as Serhiy notes). :-( I plan to try a simple parser. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue28563> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com