 

Evaluating expressions contained as strings

Tags:

common-lisp

I have a database which returns valid CL expressions within double quotes.

Is it possible to convert these strings to expressions?

For example, I make a query from this DB via CLSQL and as a result it returns me:

"(foo a b)"

How should I convert this expression to:

(foo a b)

and further evaluate it?

asked Sep 30 '11 14:09 by oakenshield1

1 Answer

* (read-from-string "(+ 1 2)")

(+ 1 2)
7

There is a security problem. See the variable *read-eval*.

* (read-from-string "#.(+ 1 2)")

3
9

You really need to make sure that *read-eval* is NIL, so that reading will not evaluate code.

* (let ((*read-eval* nil)) (read-from-string "#.(+ 1 2)"))

debugger invoked on a SB-INT:SIMPLE-READER-ERROR:
  can't read #. while *READ-EVAL* is NIL

Additionally calling EVAL on arbitrary input from a database is not a good idea.

Usually you want to make sure that the code does only call allowed functions.

answered Sep 17 '22 14:09 by Rainer Joswig
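An added example (mine, not code from the answer above or from CLSQL or any other library) that puts the answer's two points together: the string is read with *read-eval* bound to NIL, and the resulting form is then evaluated by a small walker that only calls allow-listed operators and only resolves variables from a caller-supplied alist, so EVAL is never applied to database content at all. The SAFE-READ scratch package, *ALLOWED-OPERATORS*, SAFE-READ-FORM, EVALUATE-ALLOWED and EVALUATE-STRING are names made up for this example, and the sample strings at the bottom are constructed inputs.

```lisp
;;; Added example, not code from the answer above or from any library.
;;; Reads a string with #. disabled, then evaluates the form with a
;;; small interpreter that only calls allow-listed operators and only
;;; looks up variables in a caller-supplied alist.  It never calls EVAL.
;;; The SAFE-READ package and every function name here are assumptions
;;; of this example.

(defparameter *allowed-operators* '(+ - * / min max abs expt)
  "Operators the interpreter may call.  Anything else is rejected.
Compared by symbol identity, so these are the CL package's symbols.")

(defun safe-read-package ()
  "Scratch package so that symbols read from untrusted input are not
interned into the application's own packages."
  (or (find-package :safe-read)
      (make-package :safe-read :use '(:common-lisp))))

(defun safe-read-form (string)
  "Read exactly one form from STRING with read-time evaluation off.
Signals READER-ERROR on #. and ERROR when anything follows the form."
  (with-standard-io-syntax              ; standard readtable, *read-base* 10, ...
    (let ((*read-eval* nil)             ; WITH-STANDARD-IO-SYNTAX rebinds it to T
          (*package* (safe-read-package)))
      (multiple-value-bind (form end) (read-from-string string)
        ;; A second form after the first one is rejected, not silently dropped.
        (unless (eq (read-from-string string nil :eof :start end) :eof)
          (error "Trailing input after form in ~S" string))
        form))))

(defun evaluate-allowed (form bindings)
  "Evaluate FORM without EVAL.  Numbers are literals, symbols must be
keys in the BINDINGS alist (matched by name, since input symbols live
in SAFE-READ), and lists must begin with an allowed operator."
  (cond ((numberp form) form)
        ((symbolp form)
         (let ((cell (assoc form bindings :test #'string=)))
           (unless cell (error "Variable ~S is not bound" form))
           (cdr cell)))
        ((consp form)
         (let ((op (car form)))
           (unless (member op *allowed-operators*)
             (error "Operator ~S is not allowed" op))
           ;; Arguments are evaluated by this same walker, so a nested
           ;; call to a non-allowed function is rejected as well.
           (apply (fdefinition op)
                  (mapcar (lambda (arg) (evaluate-allowed arg bindings))
                          (cdr form)))))
        (t (error "Disallowed object ~S" form))))

(defun evaluate-string (string &optional bindings)
  "Entry point: returns the value, or a string saying why the input
was rejected (reader error, trailing input, unknown operator or variable)."
  (handler-case (evaluate-allowed (safe-read-form string) bindings)
    (error (e) (format nil "rejected: ~A" e))))

;; Constructed sample inputs for this example:
(evaluate-string "(+ 1 2)")
(evaluate-string "(* a (+ b 1))" '(("A" . 10) ("B" . 20)))
(evaluate-string "(foo a b)" '(("A" . 10) ("B" . 20)))   ; FOO is not allow-listed
(evaluate-string "#.(+ 1 2)")                            ; #. refused by the reader
(evaluate-string "(+ 1 2) (delete-file \"x\")")          ; trailing form refused
```

Two design points worth noting: operators are matched by symbol identity against the CL package's own symbols, so a package-qualified name such as cl-user::foo in the input is read but rejected, while variables are matched by name only because anything read from the string is interned in the scratch package rather than where the caller's alist keys live. Because the walker applies only the functions it has been handed, the second and last samples cannot reach DELETE-FILE even though the reader happily produced that form.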