Module safe_eval
[hide private]
[frames] | no frames]

Module safe_eval

source code

'Safe' python code evaluation

Based on the public domain code of Babar K. Zafar http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496746 (version 0.1 or 1.2 May 27 2006)

The idea is to examine the compiled ast tree and chack for invalid entries

I have removed the timeout checking as this probably isn't a serious problem for veusz documents

Classes [hide private]
  SafeEvalError
Base class for all which occur while walking the AST.
  SafeEvalASTNodeError
Expression/statement in AST evaluates to a restricted AST node type.
  SafeEvalBuiltinError
Expression/statement in tried to access a restricted builtin.
  SafeEvalAttrError
Expression/statement in tried to access a restricted attribute.
  SafeEvalVisitor
Data-driven visitor which walks the AST for some code and makes sure it doesn't contain any expression/statements which are declared as restricted in 'unallowed_ast_nodes'.
  SafeEvalException
Base class for all safe-eval related errors.
  SafeEvalCodeException
Exception class for reporting all errors which occured while validating AST for source code in safe_eval().
  SafeEvalContextException
Exception class for reporting unallowed objects found in the dict intended to be used as the local enviroment in safe_eval().
  SafeEvalTimeoutException
Exception class for reporting that code evaluation execeeded the given timelimit.
  TestSafeEval
Functions [hide private]
 
classname(obj) source code
 
get_node_lineno(node) source code
 
is_unallowed_attr(name) source code
 
checkContextOkay(context)
Check the context statements will be executed in.
source code
 
checkCode(code)
Check code, returning errors (if any) or None if okay
source code
 
exec_timed(code, context, timeout_secs)
Dynamically execute 'code' using 'context' as the global enviroment.
source code
 
timed_safe_eval(code, context={}, timeout_secs=5)
Validate source code and make sure it contains no unauthorized expression/statements as configured via 'unallowed_ast_nodes' and 'unallowed_builtins'.
source code
Variables [hide private]
  DEBUG = False
  all_ast_nodes = ['Add', 'And', 'AssAttr', 'AssList', 'AssName'...
  all_builtins = ['BaseException', 'KeyboardInterrupt', 'SystemE...
  unallowed_ast_nodes = {'Backquote': True, 'Exec': True, 'From'...
  unallowed_builtins = {'__import__': True, 'compile': True, 'de...
  unallowed_attr = {'f_back': True, 'f_builtins': True, 'f_code'...
  ast_name = 'TryFinally'
  name = 'vars'
Function Details [hide private]

checkContextOkay(context)

source code 

Check the context statements will be executed in.

Returns True if context is okay

exec_timed(code, context, timeout_secs)

source code 

Dynamically execute 'code' using 'context' as the global enviroment. SafeEvalTimeoutException is raised if execution does not finish within the given timelimit.

timed_safe_eval(code, context={}, timeout_secs=5)

source code 

Validate source code and make sure it contains no unauthorized
expression/statements as configured via 'unallowed_ast_nodes' and
'unallowed_builtins'. By default this means that code is not
allowed import modules or access dangerous builtins like 'open' or
'eval'. If code is considered 'safe' it will be executed via
'exec' using 'context' as the global environment. More details on
how code is executed can be found in the Python Reference Manual
section 6.14 (ignore the remark on '__builtins__'). The 'context'
enviroment is also validated and is not allowed to contain modules
or builtins. The following exception will be raised on errors:

  if 'context' contains unallowed objects = 
    SafeEvalContextException

  if code is didn't validate and is considered 'unsafe' = 
    SafeEvalCodeException

  if code did not execute within the given timelimit =
    SafeEvalTimeoutException


Variables Details [hide private]

all_ast_nodes

Value:
['Add',
 'And',
 'AssAttr',
 'AssList',
 'AssName',
 'AssTuple',
 'Assert',
 'Assign',
...

all_builtins

Value:
['BaseException',
 'KeyboardInterrupt',
 'SystemExit',
 '__import__',
 'abs',
 'all',
 'any',
 'apply',
...

unallowed_ast_nodes

Value:
{'Backquote': True,
 'Exec': True,
 'From': True,
 'Import': True,
 'Raise': True,
 'TryExcept': True,
 'TryFinally': True}

unallowed_builtins

Value:
{'__import__': True,
 'compile': True,
 'delattr': True,
 'dir': True,
 'eval': True,
 'execfile': True,
 'file': True,
 'getattr': True,
...

unallowed_attr

Value:
{'f_back': True,
 'f_builtins': True,
 'f_code': True,
 'f_exc_traceback': True,
 'f_exc_type': True,
 'f_exc_value': True,
 'f_globals': True,
 'f_locals': True,
...