Author xiang.zhang
Recipients Carl Ekerot, christian.heimes, loewis, serhiy.storchaka, xiang.zhang
Date 2016-11-05.19:21:44
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Christian, I think our patches are quite similar in function. They only allow limited tokens. 

> I consider it a superior solution and a fix for more generic attacks

Mine now still allows **. But it can be easily fixed.

But both our patches still translate a C expression to Python and still suffer from nested ternary operator and different semantics between C and Python, e.g. (2==2==2 as Serhiy notes). :-( I plan to try a simple parser.
Date User Action Args
2016-11-05 19:21:44xiang.zhangsetrecipients: + xiang.zhang, loewis, christian.heimes, serhiy.storchaka, Carl Ekerot
2016-11-05 19:21:44xiang.zhangsetmessageid: <>
2016-11-05 19:21:44xiang.zhanglinkissue28563 messages
2016-11-05 19:21:44xiang.zhangcreate