We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent b47419a commit 2a18ba9Copy full SHA for 2a18ba9
1 file changed
quantities/registry.py
@@ -1,8 +1,8 @@
1
"""
2
3
4
-import copy
5
import re
+import builtins
6
7
8
class UnitRegistry:
@@ -16,6 +16,13 @@ def __init__(self):
16
self.__context = {}
17
18
def __getitem__(self, string):
19
+
20
+ # easy hack to prevent arbitrary evaluation of code
21
+ all_builtins = dir(builtins)
22
+ for builtin in all_builtins:
23
+ if builtin in string:
24
+ raise RuntimeError(f"String parsing error for {string}. Enter a string accepted by quantities")
25
26
try:
27
return eval(string, self.__context)
28
except NameError:
0 commit comments