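A safer way to sympify untrusted input
Detailed description of the safersympif Python project
Safer sympify
Converts unsanitized user input into a SymPy expression.
This does not prevent all possible attacks. However, it is much safer than the eval() that SymPy still uses.
For details, see SymPy PR 12524: https://github.com/sympy/sympy/pull/12524
Example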
Create a SymPy expression from user input.
This uses pure Python syntax.
Only whitelisted operators and functions are allowed.
>>> expr = SaferSympify().str2sympy('-sqrt(1 + a**b*b)/((a**b)*b+1)')
>>> expr
-1/sqrt(a**b*b + 1)
Get free symbols:
>>> sorted(expr.free_symbols, key=lambda x: str(x))
[a, b]
Evaluate expression:
>>> expr.evalf(subs={'a': 1, 'b': 3, 'c': 5}) # Note extra values can be passed too
-0.500000000000000
Simplify expression:
>>> expr.simplify()
-1/sqrt(a**b*b + 1)
Pretty-print the expression as LaTeX (could be displayed in a browser with MathJax):
>>> import sympy
>>> sympy.latex(expr)
'- \\frac{1}{\\sqrt{a^{b} b + 1}}'
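The whitelist idea described above, shown as an added stdlib-only example that is not the project's own code: the input is parsed with `ast` and only approved node types are evaluated, so nothing is ever passed to eval(). The names `safe_eval`, `UnsafeExpression`, `MAX_LEN` and the contents of the whitelist are assumptions made for this sketch, and it evaluates numerically instead of building a SymPy expression.

```python
import ast
import math
import operator

# Constructed whitelist for this example; the project's real whitelist may differ.
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
           ast.Div: operator.truediv, ast.Pow: operator.pow}
UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}
FUNCS = {"sqrt": math.sqrt, "sin": math.sin, "cos": math.cos,
         "exp": math.exp, "log": math.log}
MAX_LEN = 200  # assumed cap on input size, bounds parse time and nesting depth


class UnsafeExpression(ValueError):
    """Raised when the input contains anything outside the whitelist."""


def safe_eval(source, subs):
    """Evaluate an arithmetic expression from untrusted text without eval()."""
    if len(source) > MAX_LEN:
        raise UnsafeExpression("input too long")
    try:
        tree = ast.parse(source, mode="eval")
    except (SyntaxError, ValueError) as exc:
        raise UnsafeExpression("not a valid expression") from exc
    return _walk(tree.body, subs)


def _walk(node, subs):
    # Numbers and symbols are coerced to float: an oversized power then raises
    # OverflowError quickly instead of building an enormous integer.
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return float(node.value)
    if isinstance(node, ast.Name) and node.id in subs:
        return float(subs[node.id])
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](_walk(node.left, subs), _walk(node.right, subs))
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
        return UNARY_OPS[type(node.op)](_walk(node.operand, subs))
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in FUNCS and not node.keywords):
        return FUNCS[node.func.id](*[_walk(arg, subs) for arg in node.args])
    # Attribute access, subscripts, strings, lambdas, comprehensions, unknown
    # names and unknown calls all fall through to this rejection.
    raise UnsafeExpression("disallowed syntax: " + type(node).__name__)
```

Domain and range errors from the math functions themselves (for example sqrt of a negative number) still surface as ordinary exceptions and should be caught by the caller.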