[Zope-dev] Restricted Python not handling slices correctly
Shane Hathaway
shane at hathawaymix.org
Thu Jun 5 20:50:03 EDT 2008
Stephan Richter wrote:
> Hi everyone,
>
> I am starting to use Restricted Python a lot and I found the following problem
> with slicing:
>
>>>> from zope.security import checker
>>>> l = [1, 2]
>>>> l[-3:]
> [1, 2]
>>>> lp = checker.ProxyFactory(l)
>>>> lp[-3:]
> [2]
>
> The problem is that -3 gets converted to 1 somewhere, but it should be a
> negative number signalizing the slice to start at the beginning of the
> sequence.
>
> The problem exists both in Python 2.4 and 2.5 and affects both Zope 2 and 3,
> since both Zopes use the RestrictedPython package.
>
> I suspect that the problem lies with the new slicing syntax introduced in
> Python 2.4. I am willing to fix the bug, but I would need some guidance and
> goodwill from the gods of RestrictedPython. Anyone?
Are you in fact using RestrictedPython? The code snippet looks like it
only uses a security proxy. RestrictedPython is a custom Python
compiler; you're not using it unless your interactive Python prompt uses
RestrictedPython to compile all expressions.
The behavior you saw is exactly what happens when an object implements
__getitem__ and __len__ but not __getslice__. If lp matches that
description, and the length of lp is 2, then Python evaluates "lp[-3:]"
as "lp.__getitem__(slice(-1, 2147483647, None))". I wish Python would
instead evaluate it as "lp.__getitem__(slice(-3))", but maybe there are
historical reasons for this.
OTOH, if RestrictedPython really is involved, RP will convert the
expression to "_getitem_(lp, slice(-3, None))", which would probably do
what you wanted, assuming the _getitem_ function is not too clever.
BTW, here's the code I used to answer this email. :-)
>>> class itemgetter:
... def __getitem__(self, i):
... return i
... def __len__(self):
... return 2
...
>>> itemgetter()[-3:]
slice(-1, 2147483647, None)
Shane
More information about the Zope-Dev
mailing list