@@ -167,20 +167,28 @@ and classes for traversing abstract syntax trees:
167167
168168.. function :: literal_eval(node_or_string)
169169
170- Safely evaluate an expression node or a string containing a Python literal or
170+ Evaluate an expression node or a string containing only a Python literal or
171171 container display. The string or node provided may only consist of the
172172 following Python literal structures: strings, bytes, numbers, tuples, lists,
173173 dicts, sets, booleans, and ``None ``.
174174
175- This can be used for safely evaluating strings containing Python values from
176- untrusted sources without the need to parse the values oneself. It is not
177- capable of evaluating arbitrarily complex expressions, for example involving
178- operators or indexing.
175+ This can be used for evaluating strings containing Python values without the
176+ need to parse the values oneself. It is not capable of evaluating
177+ arbitrarily complex expressions, for example involving operators or
178+ indexing.
179+
180+ This function had been documented as "safe" in the past without defining
181+ what that meant. That was misleading. This is specifically designed not to
182+ execute Python code, unlike the more general :func: `eval `. There is no
183+ namespace, no name lookups, or ability to call out. But it is not free from
184+ attack: A relatively small input can lead to memory exhaustion or to C stack
185+ exhaustion, crashing the process. There is also the possibility for
186+ excessive CPU consumption denial of service on some inputs. Calling it on
187+ untrusted data is thus not recommended.
179188
180189 .. warning ::
181- It is possible to crash the Python interpreter with a
182- sufficiently large/complex string due to stack depth limitations
183- in Python's AST compiler.
190+ It is possible to crash the Python interpreter due to stack depth
191+ limitations in Python's AST compiler.
184192
185193 .. versionchanged :: 3.2
186194 Now allows bytes and set literals.
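Review bot: the ``.. warning ::`` block at the end of the hunk now duplicates the new paragraph above it (both say a small input can crash the interpreter through stack depth limits in the AST compiler), while the memory-exhaustion and CPU-consumption points appear only in the paragraph. Consider folding all three failure modes into the warning itself, e.g. "A relatively small input can exhaust memory or the C stack, crashing the process, or consume excessive CPU; calling it on untrusted data is not recommended.", so a reader who scans only the admonition gets the full picture, and trim the paragraph to the "not free from attack" statement. The sentence "There is also the possibility for excessive CPU consumption denial of service on some inputs" also reads awkwardly; "Some inputs can also cause excessive CPU consumption, a denial of service" is clearer.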