
Input and Output of Python Tutorial (5) - Vulnerability in the input() function - Python 2.x

Editor: Python

This article explains and explores the vulnerability in the Python 2.x input() function. In Python 3 the raw_input() function was removed and its functionality moved to a new built-in function called input().

Different ways of entering data in Python 2.x

In Python 2.x there are two common methods of receiving input:

  1. Using the input() function: this function takes the entered value as-is, keeping the type you typed, without any type conversion.
  2. Using the raw_input() function: this function explicitly casts the input you provide to the string type.

Let us use the following program to see the difference between the two:

    # Python 2.x program to show the difference between the
    # input() and raw_input() functions

    # 3 inputs using the raw_input() function;
    # the data type of each entered value is then displayed
    s1 = raw_input("Enter input to test raw_input() function: ")
    print type(s1)
    s2 = raw_input("Enter input to test raw_input() function: ")
    print type(s2)
    s3 = raw_input("Enter input to test raw_input() function: ")
    print type(s3)

    # 3 inputs using the input() function;
    # the data type of each entered value is then displayed
    s4 = input("Enter input to test input() function: ")
    print type(s4)
    s5 = input("Enter input to test input() function: ")
    print type(s5)
    s6 = input("Enter input to test input() function: ")
    print type(s6)

Input:

    Hello
    456
    [1,2,3]
    45
    "goodbye"
    [1,2,3]

Output:

    Enter input to test raw_input() function: <type 'str'>
    Enter input to test raw_input() function: <type 'str'>
    Enter input to test raw_input() function: <type 'str'>
    Enter input to test input() function: <type 'int'>
    Enter input to test input() function: <type 'str'>
    Enter input to test input() function: <type 'list'>

Note: when entering a string into the input() function, we have to enclose the value in double quotes. This is not necessary with raw_input().

Vulnerabilities in the input() method

The flaw in the input() method is that anyone can read the program's variables, or call its functions, simply by typing the variable or function name as the input. Let's explore these one by one:

Variable name as input parameter:

Entering the name of a variable as the input gives direct access to that variable's value.

Python 2.x program demonstrating the vulnerability in the input() function using a variable name:

    import random

    secret_number = random.randint(1, 500)
    print "Pick a number between 1 to 500"
    while True:
        res = input("Guess the number: ")
        if res == secret_number:
            print "You win"
            break
        else:
            print "You lose"
            continue

Python 3 program demonstrating how its input() function behaves differently:

    import random

    secret_number = random.randint(1, 500)
    print("Pick a number between 1 to 500")
    while True:
        res = input("Guess the number: ")
        if res == secret_number:
            print("You win")
            break
        else:
            print("You lose")
            continue

Input:

    15

Output:

    Pick a number between 1 to 500
    Guess the number: You lose
    Guess the number:

Input:

    secret_number

Output:

    Pick a number between 1 to 500
    Guess the number: You win

As can be seen, in the second case the variable "secret_number" can be given directly as input, and the answer is always "You win". The interpreter evaluates the variable name just as if its value had been typed as a number, so the comparison always evaluates to True. This is not possible with raw_input, because it does not allow the variable to be read directly.

Python 3 shows a different result: if "secret_number" is given as input, the answer is "You lose".

Function name as parameter:

The vulnerability lies here too, because we can even provide the name of a function as input and access values that we otherwise should not be able to reach.

    # Python 2.x program demonstrating the input() vulnerability
    # by passing a function name as the input

    secret_value = 500

    # A function that returns the secret value
    def secretfunction():
        return secret_value

    # Read a number using raw_input()
    input1 = raw_input("Raw_input(): Guess secret number: ")
    # input1 is explicitly converted to a string
    if input1 == secret_value:
        print "You guessed correct"
    else:
        print "wrong answer"

    # Read a number using input()
    input2 = input("Input(): Guess the secret number: ")
    # input2 is evaluated as typed
    if input2 == secret_value:
        print "You guessed correct"
    else:
        print "wrong answer"

Input:

    400
    secretfunction()

Output:

    Raw_input(): Guess secret number: wrong answer
    Input(): Guess the secret number: You guessed correct

In this set of inputs and outputs we can see that when we use raw_input we must enter the correct number. However, when using the input() function we can even provide the name of a function or variable and the interpreter will evaluate it. For example, here the input to the input() function is given as the function call "secretfunction()". The interpreter evaluates this call and returns the secret number we are trying to find, so even though we never entered the secret number, the if condition evaluates to true. We get the same result with the following input:

    secretfunction()
    secret_value

Output:

    Raw_input(): Guess secret number: wrong answer
    Input(): Guess the secret number: You guessed correct

As explained in the first point, in this example we are also able to simply type the variable name "secret_value" at the input() prompt and obtain the secret value. However, when we try to call secretfunction() at the raw_input() prompt, it fails (the program prints "wrong answer"), because the interpreter converts our input to a string and does not evaluate it as a function call.

Preventing the input() vulnerability

In Python 2.x it is always better to use raw_input() and then explicitly cast the input to whatever type we need. For example, if we wish to read an integer, we can do the following:

    n = int(raw_input())

This prevents malicious function calls or the evaluation of arbitrary expressions.
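The two paths shown above (typing a variable name, typing a function call) and the int(raw_input()) fix, side by side in one added example. This is not code from the original article: Python 3 no longer has an evaluating input(), so legacy_input() reproduces Python 2's behaviour by applying eval() to a line that is passed in directly instead of read from stdin, and the names legacy_input, check_guess_legacy, parse_guess and check_guess_safe are assumptions made for this example.

```python
import random
import re

# Added example, not from the original article. Python 3's input() returns
# a string, so legacy_input() reproduces what Python 2's input() did:
# read a line, then eval() it in the program's namespace.


def legacy_input(line, namespace):
    """Emulate Python 2.x input(): evaluate the typed line as an expression.

    In real Python 2 the line came from stdin; here it is a parameter so the
    behaviour can be shown offline. Any variable or function visible in
    `namespace` can be named by whoever types the line.
    """
    return eval(line, namespace)  # this is exactly the flaw the article describes


def check_guess_legacy(line, secret_number):
    """The Python 2 guessing game's comparison, with input() semantics."""
    # These stand in for the program's own globals, which Python 2's
    # input() evaluated the typed text against.
    namespace = {
        "secret_number": secret_number,
        "secretfunction": lambda: secret_number,
    }
    res = legacy_input(line, namespace)
    return res == secret_number


def parse_guess(line, low=1, high=500):
    """Hardened parsing: treat the line as text, never as code.

    Equivalent to the article's int(raw_input()) fix, plus a range check.
    Raises ValueError for anything that is not an integer in [low, high].
    """
    text = line.strip()
    # Only an optional sign followed by digits is accepted; a variable
    # name or a function call like "secretfunction()" is rejected here.
    if not re.fullmatch(r"-?\d+", text):
        raise ValueError("guess must be an integer, got %r" % text)
    value = int(text)
    if not low <= value <= high:
        raise ValueError("guess %d is outside %d..%d" % (value, low, high))
    return value


def check_guess_safe(line, secret_number):
    """Same game check, but only on the parsed integer."""
    try:
        return parse_guess(line) == secret_number
    except ValueError:
        return False


if __name__ == "__main__":
    secret = random.randint(1, 500)
    # Typing the variable name or the function call wins under
    # Python 2 input() semantics...
    print("legacy, typed 'secret_number':   ", check_guess_legacy("secret_number", secret))
    print("legacy, typed 'secretfunction()':", check_guess_legacy("secretfunction()", secret))
    # ...but is just a non-numeric string to the hardened parser.
    print("safe, typed 'secret_number':     ", check_guess_safe("secret_number", secret))
    print("safe, typed the right number:    ", check_guess_safe(str(secret), secret))
```

parse_guess() checks the text with a regular expression before calling int() rather than relying on int() raising on its own, so that only plain decimal digits are accepted and the caller gets one clear ValueError for both malformed and out-of-range input; catching that error in check_guess_safe() turns any attempt to smuggle in a name or expression into an ordinary wrong guess.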

