Python Forum
converting arguments or input numbers
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
converting arguments or input numbers
#1
i've been doing things like this to convert arguments or input numbers:
   number = int(sys.argv[1])
now i have found a different way that is more fun though it needs more coding:
    try:
        number = eval(sys.argv[1])
    except:
        print('oops!')
        error_count += 1
if you want the traceback info, don't use the try/except. then you don't have to calculate formulas to enter their values (though you might have to use quotes around many formulas for most command shells).
Tradition is peer pressure from dead people

What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.
Reply
#2
Hang on a minute guys. Let me put the pop corn in the microwave.
Craig "Ichabod" O'Brien - xenomind.com
I wish you happiness.
Recommended Tutorials: BBCode, functions, classes, text adventures
Reply
#3
λ python arg_test.py "__import__('os').remove('important_file.dat')"
None

λ python arg_test.py "__import__('os').remove('important_file.dat')"
oops!
When important_file is gone Angel then get a oops.
Reply
#4
Besides the questionable use of eval, your code would improve by using a library to parse command line arguments, typically argparse of one of its wrappers argh or click or others.
Reply
#5
you can do that faster as a shell command. i won't be doing that on code that needs to run securely. it will be in code that runs with the credentials of who runs it. if you run it and do that, you'll only be doing it to yourself.

(Aug-20-2018, 06:39 AM)Gribouillis Wrote: Besides the questionable use of eval, your code would improve by using a library to parse command line arguments, typically argparse of one of its wrappers argh or click or others.
some of those libraries may be usable for some of my programs. most of my commands have unusual and/or non-standard command syntax. i have seen nothing that am able to use on eve half of my commands. my next program will have a syntax that uses both - and + and can even mix both sets of option within the same argument. and these options have specific influence on how the file names are tested as it goes. and, of course, error messages include argument context for user.

what are your questions about my use of eval()? am i calling it with credentials different than who types in that option? no!
Tradition is peer pressure from dead people

What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.
Reply
#6
in which world your snippet with eval is better than the other one?

or if you want it with try/except
try:
    number = int(sys.argv[1])
except:
    print('oops!')
    error_count += 1
I also fully agree with Gribouillis that you will be better using package like click or similar...
If you can't explain it to a six year old, you don't understand it yourself, Albert Einstein
How to Ask Questions The Smart Way: link and another link
Create MCV example
Debug small programs

Reply
#7
Your example is insecure:
python test.py 'os.remove("important_dir/test.bin")'
The probability that the os module is already imported, is very high.

If you want to give your hackers more features like executing statements, use the built-in exec function.
Then the hacker is able to do everything. Evaluating/Executing user input is unsafe and it's well known since WEB2.0.
This is the first lesson you learn. Never trust input, where you don't have control over it. It does not
matter if the input comes from a machine or a human. It's not under your control, then it's unsafe.
Almost dead, but too lazy to die: https://sourceserver.info
All humans together. We don't need politicians!
Reply
#8
What about os.remove(__file__) or shutil.rmtree(os.path.expanduser("~")) ?
Reply
#9
@buran i just wrote a script that takes Unicode code points in various forms and converts them to a UTF-8 octet stream output (in hex) i can give it numbers on the command or in the input. i could add numbers. or i can give it an expression like range(0x400,0x440).

_
Tradition is peer pressure from dead people

What do you call someone who speaks three languages? Trilingual. Two languages? Bilingual. One language? American.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  ValueError: Found input variables with inconsistent numbers of samples saoko 0 2,433 Jun-16-2022, 06:59 PM
Last Post: saoko
  Found input variables with inconsistent numbers of samples: [1000, 200] jenya56 2 2,807 Sep-15-2021, 12:48 PM
Last Post: jenya56
  converting user input to float troubles RecklessTechGuy 3 2,406 Aug-17-2020, 12:41 PM
Last Post: deanhystad
  square root of 5 input numbers mrityunjoy 1 1,995 Jun-10-2020, 11:08 AM
Last Post: perfringo
  square root of 6 input numbers mrityunjoy 3 2,557 Jun-07-2020, 06:35 AM
Last Post: ndc85430
  Trouble converting numbers to characters Involute 4 2,435 Sep-12-2019, 04:49 AM
Last Post: Involute
  Print Numbers starting at 1 vertically with separator for output numbers Pleiades 3 3,666 May-09-2019, 12:19 PM
Last Post: Pleiades
  converting python list to a list by user input Dante24 1 2,994 Nov-21-2017, 10:10 AM
Last Post: heiner55
  Functions (Arguments Passing,Changing a mutable ,Assignment to Arguments Names) Adelton 2 3,817 Mar-02-2017, 10:23 PM
Last Post: zivoni

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020