Hacker News
by Sohcahtoa82 2928 days ago
> When I need to parse or validate S-expressions, I just write the functions (here message, to, from, timestamp, etc.) so that eval()ing the S-expressions either validates it or returns whatever data structure I need.

facepalm

As soon as you've decided to call an eval() function on potentially untrusted data, you've lost to an attacker.
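
A data-only alternative to the eval() approach discussed above, as an added example that is not part of the original comment or the quoted post: the S-expression is parsed into nested lists and checked against an allowlist, so no symbol in the input is ever called. The field names come from the quote; the schema rules, `parse` and `validate_message` are assumptions made for illustration.

```python
import re

# Tokens: a parenthesis, a double-quoted string, or a bare atom.
TOKEN = re.compile(r'\s*(?:([()])|"((?:[^"\\]|\\.)*)"|([^\s()"]+))')
# Assumed schema for the quoted "message" form: field name -> value check.
SCHEMA = {
    "to": lambda v: isinstance(v, str) and "@" in v,
    "from": lambda v: isinstance(v, str) and "@" in v,
    "timestamp": lambda v: isinstance(v, str) and v.isdigit(),
}

def parse(text):
    """Parse one S-expression into nested lists of strings; nothing is executed."""
    stack, pos, text = [[]], 0, text.strip()
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"bad token at offset {pos}")
        pos = m.end()
        paren, quoted, atom = m.groups()
        if paren == "(":
            stack.append([])
        elif paren == ")":
            if len(stack) < 2:
                raise ValueError("unbalanced ')'")
            done = stack.pop()
            stack[-1].append(done)
        else:
            stack[-1].append(quoted if quoted is not None else atom)
    if len(stack) != 1 or len(stack[0]) != 1:
        raise ValueError("expected exactly one complete expression")
    return stack[0][0]

def validate_message(text):
    """Return a dict of validated fields, or raise ValueError."""
    tree = parse(text)
    if not isinstance(tree, list) or not tree or tree[0] != "message":
        raise ValueError("not a message form")
    out = {}
    for field in tree[1:]:
        if not (isinstance(field, list) and len(field) == 2 and isinstance(field[0], str)):
            raise ValueError("malformed field")
        name, value = field
        if name not in SCHEMA or name in out or not SCHEMA[name](value):
            raise ValueError(f"rejected field: {name!r}")
        out[name] = value
    if set(out) != set(SCHEMA):
        raise ValueError("missing required field")
    return out
```

Any head symbol outside `SCHEMA` is rejected as data, which is the property an eval()-based validator cannot give.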