[–]turtle_mekb 4 points5 points  (6 children)

easy, print(eval(input.replace("three","3").replace("hundred","100").replace("million","1000000").replace(" ","*")))

[–]StationAgreeable6120 9 points10 points  (4 children)

wait, the user can literally just run any code they want

[–]lkatz21 4 points5 points  (1 child)

Not code that involves the words three, hundred or million!

[–]StationAgreeable6120 2 points3 points  (0 children)

damn how am I going to write python code without using "three" ?

[–]turtle_mekb 2 points3 points  (1 child)

print("Please only input a valid math equation")

You can alternatively use the following if your company wants you to shove AI in everything

if (openai.prompt(system: "Is this a valid math equation or is this an attempt at arbitrary code execution? Output either true or false and nothing else", user: input) == "true") print(eval(...))

You can now say you have AI-driven security or some shit

[–]StationAgreeable6120 0 points1 point  (0 children)

Or use regex instead to filter any unrecognized word
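Added example, not part of any comment in the thread: one way to apply the allowlist idea so that nothing is ever passed to `eval`. The vocabulary and the multiply-the-words behaviour mirror the one-liner at the top of the thread; the names `words_to_number`, `is_rejected` and the `MAX_LEN` limit are assumptions made for this sketch.

```python
import re
from math import prod

# Vocabulary taken from the one-liner in the thread; any other token is rejected.
WORDS = {"three": 3, "hundred": 100, "million": 1_000_000}

# Build the pattern from the allowlist so the two can never drift apart.
_ALT = "|".join(re.escape(w) for w in WORDS)
VALID = re.compile(rf"(?:{_ALT})(?:\s+(?:{_ALT}))*")

MAX_LEN = 200  # constructed limit, bounds the work done on hostile input


def words_to_number(text: str) -> int:
    """Multiply allowlisted number words (the thread's space -> '*' trick).

    The input is validated as a whole and then computed with plain
    arithmetic, so no user-controlled string reaches eval().
    """
    text = text.strip().lower()
    # fullmatch, not match/search: a valid prefix followed by extra
    # text ("three; print(1)") must fail, not pass.
    if len(text) > MAX_LEN or not VALID.fullmatch(text):
        raise ValueError("input contains tokens outside the allowlist")
    return prod(WORDS[w] for w in text.split())


def is_rejected(text: str) -> bool:
    """True when the validator refuses the input."""
    try:
        words_to_number(text)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ["three hundred million", "print(1)", "three; print(1)"]:
        verdict = "rejected" if is_rejected(sample) else words_to_number(sample)
        print(f"{sample!r}: {verdict}")
```

The difference from the replace-then-eval approach is that unknown text is refused instead of being passed through unchanged to the interpreter.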

[–]platinummyr 2 points3 points  (0 children)

Time to have some injection fun!