Please review this at http://codereview.appspot.com/179056
Affected files:
M tryton/common/common.py
Index: tryton/common/common.py
===================================================================
--- a/tryton/common/common.py
+++ b/tryton/common/common.py
@@ -1180,24 +1180,35 @@
'DELETE_NAME', 'JUMP_IF_TRUE', 'JUMP_IF_FALSE', 'BINARY_SUBSCR',
] if x in dis.opmap)
+_SAFE_EVAL_CACHE = {}
def safe_eval(source, data=None):
if '__subclasses__' in source:
raise ValueError('__subclasses__ not allowed')
- c = compile(source, '', 'eval')
- codes = []
- s = c.co_code
- i = 0
- while i < len(s):
- code = ord(s[i])
- codes.append(code)
- if code >= dis.HAVE_ARGUMENT:
- i += 3
- else:
- i += 1
- for code in codes:
- if code not in _ALLOWED_CODES:
- raise ValueError('opcode %s not allowed' % dis.opname[code])
+ if hashlib:
+ key = hashlib.md5(source).hexdigest()
+ else:
+ key = md5.new(source).hexdigest()
+ if key in _SAFE_EVAL_CACHE:
+ c = _SAFE_EVAL_CACHE[key]
+ else:
+ c = compile(source, '', 'eval')
+ codes = []
+ s = c.co_code
+ i = 0
+ while i < len(s):
+ code = ord(s[i])
+ codes.append(code)
+ if code >= dis.HAVE_ARGUMENT:
+ i += 3
+ else:
+ i += 1
+ for code in codes:
+ if code not in _ALLOWED_CODES:
+ raise ValueError('opcode %s not allowed' %
dis.opname[code])
+ if len(_SAFE_EVAL_CACHE) > 1024:
+ _SAFE_EVAL_CACHE.clear()
+ _SAFE_EVAL_CACHE[key] = c
return eval(c, {'__builtins__': {
'True': True,
'False': False,
--
Cédric Krier
B2CK SPRL
Rue de Rotterdam, 4
4000 Liège
Belgium
Tel: +32 472 54 46 59
Email: [email protected]
Jabber: [email protected]
Website: http://www.b2ck.com/
twitter: http://twitter.com/cedrickrier
identi.ca: http://identi.ca/cedrickrier
pgpydoZaU9Oxi.pgp
Description: PGP signature
