From 02c898f4f34659d4bfe2aa3dcb15adbb4f50f2a3 Mon Sep 17 00:00:00 2001 From: Fabio Erculiani Date: Sun, 31 May 2009 17:51:29 +0200 Subject: [PATCH] entropy.client.services.ugc.commands: eval() is evil() --- .../entropy/client/services/ugc/interfaces.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/libraries/entropy/client/services/ugc/interfaces.py b/libraries/entropy/client/services/ugc/interfaces.py index 84953f0eb..129601742 100644 --- a/libraries/entropy/client/services/ugc/interfaces.py +++ b/libraries/entropy/client/services/ugc/interfaces.py @@ -175,7 +175,6 @@ class Client: def logout(self, repository): return self.store.remove_login(repository) - # eval(func) must have session as first param def do_cmd(self, repository, login_required, func, args, kwargs): if not self.TxLocks.has_key(repository): @@ -219,9 +218,17 @@ class Client: return logged, error break - rslt = eval("srv.CmdInterface.%s" % (func,))(*args,**kwargs) - srv.close_session(session) - srv.disconnect() + try: + cmd_func = getattr(srv.CmdInterface, func) + except AttributeError: + return False, 'local function not available' + rslt = cmd_func(*args,**kwargs) + try: + srv.close_session(session) + srv.disconnect() + except ConnectionError: + return False, 'no connection' + return rslt def get_comments(self, repository, pkgkey):