From 6b1f242d251d88c906bc98d32b4ae5d1593620e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20P=C3=B6hn?= Date: Tue, 22 May 2018 13:24:37 +0200 Subject: [PATCH] added tests for common.calculate_math_string --- fdroidserver/common.py | 2 ++ tests/common.TestCase | 13 +++++++++++++ 2 files changed, 15 insertions(+) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index c1a70003..2cde1dc1 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -3224,6 +3224,8 @@ def calculate_math_string(expr): raise SyntaxError(node) try: + if '#' in expr: + raise SyntaxError('no comments allowed') return execute_ast(ast.parse(expr, mode='eval').body) except SyntaxError as e: raise SyntaxError("could not parse expression '{expr}', " diff --git a/tests/common.TestCase b/tests/common.TestCase index f95a0820..e9dcafa7 100755 --- a/tests/common.TestCase +++ b/tests/common.TestCase @@ -779,6 +779,19 @@ class CommonTest(unittest.TestCase): self.assertEqual(('1.0-free', '1', 'com.kunzisoft.fdroidtest.applicationidsuffix'), fdroidserver.common.parse_androidmanifests(paths, app)) + def test_calculate_math_string(self): + self.assertEqual(1234, fdroidserver.common.calculate_math_string('1234')) + self.assertEqual(4, fdroidserver.common.calculate_math_string('(1+1)*2')) + self.assertEqual(2, fdroidserver.common.calculate_math_string('(1-1)*2+3*1-1')) + with self.assertRaises(SyntaxError): + fdroidserver.common.calculate_math_string('__import__("urllib")') + with self.assertRaises(SyntaxError): + fdroidserver.common.calculate_math_string('self') + with self.assertRaises(SyntaxError): + fdroidserver.common.calculate_math_string('1+1; print(1)') + with self.assertRaises(SyntaxError): + fdroidserver.common.calculate_math_string('1-1 # no comment') + if __name__ == "__main__": parser = optparse.OptionParser()