meson-render-jinja2: use ast.literal_eval()

Imports are sorted in the usual fashion: stdlib first. literal_eval() parses string/numbers/lists/sets/dicts, and nothing else, while eval will execute any python code. Using literal_eval() is generally more correct, because it avoids the risk of side effects from the parsed expression. In this case, we generate the parsed strings ourselves, so it's very unlikely to have anything unexpected in the expressions. But let's do the correct thing anyway.
2024-07-21 18:24:38 +00:00 · 2021-11-05 11:51:17 +01:00 · 2021-11-05 11:51:17 +01:00 · 5f035b13de
parent 7f9521d5e1
commit 5f035b13de
1 changed files with 4 additions and 2 deletions
--- a/tools/meson-render-jinja2.py
+++ b/tools/meson-render-jinja2.py
@ -1,10 +1,12 @@
 #!/usr/bin/env python3
 # SPDX-License-Identifier: LGPL-2.1-or-later

-import jinja2
+import ast
 import re
 import sys

+import jinja2
+
 def parse_config_h(filename):
    # Parse config.h file generated by meson.
    ans = {}
@ -14,7 +16,7 @@ def parse_config_h(filename):
            continue
        a, b = m.groups()
        if b and b[0] in '0123456789"':
-            b = eval(b)
+            b = ast.literal_eval(b)
        ans[a] = b
    return ans