[Zope-dev] Announce: PythonMethod 0.0.1

Andreas Kostyrka andreas@mtg.co.at
Tue, 7 Sep 1999 22:04:18 +0200 (CEST)


On Tue, 7 Sep 1999, Evan Simpson wrote:

> Martijn Faassen wrote:
> 
> > Does it do any kind of cut-off after too many bytecodes are executed
> > already? I wasn't able to find a reference to this in the docs so I
> > assume not. It'd be very neat if it did that, though. :)
> 
> It sure would be.  Sadly, while I've been told that this might be possible in a
> generic fashion, the only way I *know* how to do it is to insert a lot of test
> code near jumps.  Implementing that is way down my list.
Well, actually, one could count not bytecodes but iterations.
The only possible culprits are
while expr:
	stmts

and possibly
for i in some_weird_dynamic_expression:
	stmts

Now, just insert a local variable, increment it on each loop iteration.
Set an unreasonable high limit like 500000 iterations.

Now, I know, this is not the same as using deterministic bytecode
counters, but it should catch infinite loops, what is basically the
idea for Web-entered code.

Additionally, you should consider making a copy of builtins, and use it
instead of the orginal, so the python method is executed in Safe mode.
While this might force hardcore Python hackers to use external methods,
it would magically close all loopholes like accessing __dict__, code block
attributes, etc.
 
Andreas
--
Andreas Kostyrka                     | andreas@mtg.co.at
phone: +43/1/7070750                 | phone: +43/676/4091256   
MTG Handelsges.m.b.H.                | fax:   +43/1/7065299
Raiffeisenstr. 16/9                  | 2320 Zwoelfaxing AUSTRIA