feat: 测试文件
This commit is contained in:
28
match/test_dangerous_functions.py
Normal file
28
match/test_dangerous_functions.py
Normal file
@@ -0,0 +1,28 @@
|
||||
"""
|
||||
危险函数测试
|
||||
"""
|
||||
|
||||
import os
|
||||
|
||||
# 潜在的危险函数调用示例
|
||||
os.system("ls")
|
||||
eval("2 + 2")
|
||||
exec("print('Executing dangerous exec function')")
|
||||
popen_result = os.popen('echo "Hello World"').read()
|
||||
print(popen_result)
|
||||
|
||||
# 一些正常操作
|
||||
print("This is a safe print statement.")
|
||||
result = sum([1, 2, 3])
|
||||
print("Sum result:", result)
|
||||
|
||||
# 尝试使用 subprocess 以更安全的方式调用外部命令
|
||||
import subprocess
|
||||
|
||||
subprocess.run(["echo", "Subprocess run is safer than os.system"])
|
||||
|
||||
# 错误的函数调用尝试
|
||||
try:
|
||||
os.system("rm -rf /") # 非常危险的调用,应避免在实际环境中使用
|
||||
except:
|
||||
print("Failed to execute dangerous system call.")
|
Reference in New Issue
Block a user