D
Derek Fountain
Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
convert that to an integer which I can do some math on?
10597059Le 26-08-2004 said:Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
Derek said:Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
Rick said:Derek said:Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
i = eval(sys.argv[1])
Peter said:Rick said:Derek said:Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
i = eval(sys.argv[1])
That's dangerous advice to a newbie if not qualified carefully.
Derek, "eval" could be the source of serious security problems
if you don't understand its power.
Peter Hansen said:Rick said:i = eval(sys.argv[1])Derek said:Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
That's dangerous advice to a newbie if not qualified carefully.
Derek, "eval" could be the source of serious security problems
if you don't understand its power. Specifically it should
almost never be used for input that comes from a user or
via the command line. There is pretty much always another
and much better way to do the simple stuff like conversions
than to use eval.
For example, imagine if a malicious could feed your program this:
(on the Linux command line)
$ myscript "__import_('os').system('rm -rf /')"
Michael said:Rick said:Derek Fountain wrote:
Given the character string "0x00A1B2C3" arriving at sys.argv[1] how do I
convert that to an integer which I can do some math on?
i = eval(sys.argv[1])
That's dangerous advice to a newbie if not qualified carefully.
Derek, "eval" could be the source of serious security problems
if you don't understand its power. Specifically it should
almost never be used for input that comes from a user or
via the command line. There is pretty much always another
and much better way to do the simple stuff like conversions
than to use eval.
For example, imagine if a malicious could feed your program this:
(on the Linux command line)
$ myscript "__import_('os').system('rm -rf /')"
Well, in this situation, he could just type
$ rm -rf /
But, yes.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.