feat: 测试文件
This commit is contained in:
28
match/test_dangerous_functions.py
Normal file
28
match/test_dangerous_functions.py
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
"""
|
||||||
|
危险函数测试
|
||||||
|
"""
|
||||||
|
|
||||||
|
import os
|
||||||
|
|
||||||
|
# 潜在的危险函数调用示例
|
||||||
|
os.system("ls")
|
||||||
|
eval("2 + 2")
|
||||||
|
exec("print('Executing dangerous exec function')")
|
||||||
|
popen_result = os.popen('echo "Hello World"').read()
|
||||||
|
print(popen_result)
|
||||||
|
|
||||||
|
# 一些正常操作
|
||||||
|
print("This is a safe print statement.")
|
||||||
|
result = sum([1, 2, 3])
|
||||||
|
print("Sum result:", result)
|
||||||
|
|
||||||
|
# 尝试使用 subprocess 以更安全的方式调用外部命令
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
subprocess.run(["echo", "Subprocess run is safer than os.system"])
|
||||||
|
|
||||||
|
# 错误的函数调用尝试
|
||||||
|
try:
|
||||||
|
os.system("rm -rf /") # 非常危险的调用,应避免在实际环境中使用
|
||||||
|
except:
|
||||||
|
print("Failed to execute dangerous system call.")
|
Reference in New Issue
Block a user