DPDK patches and discussions
 help / color / mirror / Atom feed
From: "Richardson, Bruce" <bruce.richardson@intel.com>
To: "Burakov, Anatoly" <anatoly.burakov@intel.com>
Cc: "Sirvys, Andrius" <andrius.sirvys@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>,
	"Laatz, Kevin" <kevin.laatz@intel.com>,
	"stable@dpdk.org" <stable@dpdk.org>,
	"ciara.power@intel.com" <ciara.power@intel.com>
Subject: Re: [dpdk-dev] [PATCH] usertools: replace unsafe input function
Date: Wed, 3 Apr 2019 15:10:41 +0000	[thread overview]
Message-ID: <59AF69C657FD0841A61C55336867B5B072772404@IRSMSX103.ger.corp.intel.com> (raw)
In-Reply-To: <c971d9bd-ea05-d506-5d03-e38404e746b8@intel.com>



> -----Original Message-----
> From: Burakov, Anatoly
> Sent: Wednesday, April 3, 2019 3:59 PM
> To: Richardson, Bruce <bruce.richardson@intel.com>
> Cc: Sirvys, Andrius <andrius.sirvys@intel.com>; dev@dpdk.org; Laatz, Kevin
> <kevin.laatz@intel.com>; stable@dpdk.org; ciara.power@intel.com
> Subject: Re: [dpdk-dev] [PATCH] usertools: replace unsafe input function
> 
> On 03-Apr-19 3:48 PM, Burakov, Anatoly wrote:
> > On 03-Apr-19 3:29 PM, Burakov, Anatoly wrote:
> >> On 03-Apr-19 2:30 PM, Bruce Richardson wrote:
> >>> On Wed, Apr 03, 2019 at 11:44:40AM +0100, Burakov, Anatoly wrote:
> >>>> On 20-Mar-19 4:43 PM, Andrius Sirvys wrote:
> >>>>> LGTM static code analysis tool reports that the function 'input'
> >>>>> is unsafe. Changed to use raw_input which then converts it using
> >>>>> ast.literal_eval() which is safe.
> >>>>>
> >>>>> Fixes: d1b94da4a4e0 ("usertools: add client script for telemetry")
> >>>>> Cc: ciara.power@intel.com
> >>>>>
> >>>>> Signed-off-by: Andrius Sirvys <andrius.sirvys@intel.com>
> >>>>> ---
> >>>>>    usertools/dpdk-telemetry-client.py | 4 ++--
> >>>>>    1 file changed, 2 insertions(+), 2 deletions(-)
> >>>>>
> >>>>> diff --git a/usertools/dpdk-telemetry-client.py
> >>>>> b/usertools/dpdk-telemetry-client.py
> >>>>> index ce0c7a9..c3ba77d 100755
> >>>>> --- a/usertools/dpdk-telemetry-client.py
> >>>>> +++ b/usertools/dpdk-telemetry-client.py
> >>>>> @@ -72,7 +72,7 @@ def requestMetrics(self): # Requests metrics for
> >>>>> given client
> >>>>>        def repeatedlyRequestMetrics(self, sleep_time): #
> >>>>> Recursively requests metrics for given client
> >>>>>            print("\nPlease enter the number of times you'd like to
> >>>>> continuously request Metrics:")
> >>>>> -        n_requests = int(input("\n:"))
> >>>>> +        n_requests = int(ast.literal_eval(raw_input("\n:")))
> >>>>>            print("\033[F") #Removes the user input from screen,
> >>>>> cleans it up
> >>>>>            print("\033[K")
> >>>>>            for i in range(n_requests):
> >>>>> @@ -87,7 +87,7 @@ def interactiveMenu(self, sleep_time): # Creates
> >>>>> Interactive menu within the scr
> >>>>>                print("[3] Unregister client")
> >>>>>                try:
> >>>>> -                self.choice = int(input("\n:"))
> >>>>> +                self.choice =
> >>>>> +int(ast.literal_eval(raw_input("\n:")))
> >>>>>                    print("\033[F") #Removes the user input for
> >>>>> screen, cleans it up
> >>>>>                    print("\033[K")
> >>>>>                    if self.choice == 1:
> >>>>>
> >>>>
> >>>> raw_input doesn't exist in Python 3.
> >>>>
> >>>> Perhaps you should do this at the top of the script:
> >>>>
> >>>> try:
> >>>>      raw_input  # Python 2
> >>>> except NameError:
> >>>>      raw_input = input  # Python 3
> >>>>
> >>>> That way, all calls to raw_input will call the intended function.
> >>>>
> >>>
> >>> The suggested way in the python docs is a little different:
> >>>
> >>> https://python-future.org/compatible_idioms.html#raw_input()
> >>>
> >>
> >> Or that :)
> >>
> >
> > Actually, this requires a dependency. "future" appears to be
> > preinstalled on most distributions, but "builtins" isn't. In fact, i
> > can't even find it in pip.
> >
> 
> So, it does work on python2 and python3, however it indeed requires a
> "future" package to be install through pip, which makes it an external
> dependency. The way i have quoted above doesn't require the 'future'
> package. I'm of no opinion on whether we should make the 'future'
> package a requirement for all of our Python code, however if we were to
> use this, it adds one extra step during setup and thus should be
> documented.
> 

Going with your way is fine, and it does seem cleaner to me.

However, we should also question if we need to still support python2? 
Even if we do right now, we probably can drop support
for it at some point in the very near future.

/Bruce

  parent reply	other threads:[~2019-04-03 15:10 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-03-20 16:43 Andrius Sirvys
2019-03-20 16:43 ` Andrius Sirvys
2019-04-03 10:31 ` Laatz, Kevin
2019-04-03 10:31   ` Laatz, Kevin
2019-04-03 10:44 ` Burakov, Anatoly
2019-04-03 10:44   ` Burakov, Anatoly
2019-04-03 13:30   ` Bruce Richardson
2019-04-03 13:30     ` Bruce Richardson
2019-04-03 14:29     ` Burakov, Anatoly
2019-04-03 14:29       ` Burakov, Anatoly
2019-04-03 14:48       ` Burakov, Anatoly
2019-04-03 14:48         ` Burakov, Anatoly
2019-04-03 14:58         ` Burakov, Anatoly
2019-04-03 14:58           ` Burakov, Anatoly
2019-04-03 15:10           ` Richardson, Bruce [this message]
2019-04-03 15:10             ` Richardson, Bruce
2019-04-08 13:40 ` [dpdk-dev] [PATCH v2] " Andrius Sirvys
2019-04-08 13:40   ` Andrius Sirvys
2019-04-09  9:10   ` Burakov, Anatoly
2019-04-09  9:10     ` Burakov, Anatoly

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=59AF69C657FD0841A61C55336867B5B072772404@IRSMSX103.ger.corp.intel.com \
    --to=bruce.richardson@intel.com \
    --cc=anatoly.burakov@intel.com \
    --cc=andrius.sirvys@intel.com \
    --cc=ciara.power@intel.com \
    --cc=dev@dpdk.org \
    --cc=kevin.laatz@intel.com \
    --cc=stable@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).