12 Feb
2020
12 Feb
'20
11:14 p.m.
On 2/12/20 8:46 PM, Markus Klotzbuecher wrote:
Commit b237d358b "moveconfig: expand simple expressions" added support for expanding expressions in configs, but used the unsafe python built-in "eval". This patch fixes this by replacing eval with the asteval module.
Signed-off-by: Markus Klotzbuecher mk@mkio.de Cc: Heinrich Schuchardt xypron.glpk@gmx.de Cc: Heiko Schocher hs@denx.de Cc: Tom Rini trini@konsulko.com Cc: Simon Glass sjg@chromium.org Cc: Joe Hershberger joe.hershberger@ni.com Cc: Masahiro Yamada yamada.masahiro@socionext.com
Thanks for addressing this concern.
Reviewed-by: Heinrich Schuchardt xypron.glpk@gmx.de