Fem: [skip ci] use ply parser instead of insecure eval() function (no…

…t yet enabled)
FreeCAD · Feb 14, 2020 · 53bbf09 · 53bbf09
1 parent cd7fb70
commit 53bbf09
Show file tree

Hide file tree

Showing 3 changed files with 151 additions and 0 deletions.
diff --git a/src/Mod/Fem/CMakeLists.txt b/src/Mod/Fem/CMakeLists.txt
@@ -218,6 +218,7 @@ SET(FemTools_SRCS
     femtools/__init__.py
     femtools/ccxtools.py
     femtools/femutils.py
+    femtools/tokrules.py
 )
 
 SET(FemObjectsScripts_SRCS

diff --git a/src/Mod/Fem/femguiobjects/_ViewProviderFemResultMechanical.py b/src/Mod/Fem/femguiobjects/_ViewProviderFemResultMechanical.py
@@ -495,7 +495,29 @@ def calculate(self):
         self.update()
         self.restore_result_dialog()
         userdefined_eq = self.result_widget.user_def_eq.toPlainText()  # Get equation to be used
+
+        """
+        from ply import lex
+        from ply import yacc
+        import femtools.tokrules as tokrules
+        identifiers = [
+            'x', 'y', 'z', 'T', 'Von', 'Peeq', 'P1', 'P2', 'P3',
+            'sxx', 'syy', 'szz', 'sxy', 'sxz', 'syz',
+            'exx', 'eyy', 'ezz', 'exy', 'exz', 'eyz',
+            'MF', 'NP', 'rx', 'ry', 'rz', 'mc',
+            's1x', 's1y', 's1z', 's2x', 's2y', 's2z', 's3x', 's3y', 's3z'
+        ]
+        tokrules.names = {}
+        for i in identifiers:
+            tokrules.names[i] = locals()[i]
+
+        lexer = lex.lex(module=tokrules)
+        yacc.parse(input="UserDefinedFormula={0}".format(userdefined_eq), lexer=lexer)
+        UserDefinedFormula = tokrules.names["UserDefinedFormula"].tolist()
+        tokrules.names = {}
+        """
         UserDefinedFormula = eval(userdefined_eq).tolist()
+
         if UserDefinedFormula:
             self.result_obj.UserDefined = UserDefinedFormula
             minm = min(UserDefinedFormula)

diff --git a/src/Mod/Fem/femtools/tokrules.py b/src/Mod/Fem/femtools/tokrules.py
@@ -0,0 +1,128 @@
+# ***************************************************************************
+# *   Copyright (c) 2020 Werner Mayer <wmayer[at]users.sourceforge.net>     *
+# *                                                                         *
+# *   This program is free software; you can redistribute it and/or modify  *
+# *   it under the terms of the GNU Lesser General Public License (LGPL)    *
+# *   as published by the Free Software Foundation; either version 2 of     *
+# *   the License, or (at your option) any later version.                   *
+# *   for detail see the LICENCE text file.                                 *
+# *                                                                         *
+# *   This program is distributed in the hope that it will be useful,       *
+# *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
+# *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
+# *   GNU Library General Public License for more details.                  *
+# *                                                                         *
+# *   You should have received a copy of the GNU Library General Public     *
+# *   License along with this program; if not, write to the Free Software   *
+# *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  *
+# *   USA                                                                   *
+# *                                                                         *
+# ***************************************************************************
+
+__title__ = "FEM Utilities"
+__author__ = "Werner Mayer"
+__url__ = "http://www.freecadweb.org"
+
+tokens = (
+    'NAME','FLOAT','INT',
+    'PLUS','MINUS','TIMES','DIVIDE','EQUALS',
+    'LPAREN','RPAREN','COMMENT',
+    )
+
+# Tokens
+
+t_PLUS    = r'\+'
+t_MINUS   = r'-'
+t_TIMES   = r'\*'
+t_DIVIDE  = r'/'
+t_EQUALS  = r'='
+t_LPAREN  = r'\('
+t_RPAREN  = r'\)'
+t_NAME    = r'[a-zA-Z_][a-zA-Z0-9_]*'
+
+def t_FLOAT(t):
+    r'\d+\.(\d+)?([eE][-+]?\d+)?'
+    t.value = float(t.value)
+    return t
+
+def t_INT(t):
+    r'\d+'
+    t.value = int(t.value)
+    return t
+
+# Ignored characters
+t_ignore = " \t"
+
+def t_COMMENT(t):
+    r'\#.*'
+    pass
+
+def t_newline(t):
+    r'\n+'
+    t.lexer.lineno += t.value.count("\n")
+
+def t_error(t):
+    print("Illegal character '%s'" % t.value[0])
+    t.lexer.skip(1)
+
+# Build the lexer
+import ply.lex as lex
+lex.lex()
+
+# Precedence rules for the arithmetic operators
+precedence = (
+    ('left','PLUS','MINUS'),
+    ('left','TIMES','DIVIDE'),
+    ('right','UMINUS'),
+    )
+
+# dictionary of names (for storing variables)
+names = { }
+
+def p_statement_assign(p):
+    'statement : NAME EQUALS expression'
+    names[p[1]] = p[3]
+
+def p_statement_expr(p):
+    'statement : expression'
+    print(p[1])
+
+def p_expression_binop(p):
+    '''expression : expression PLUS expression
+                  | expression MINUS expression
+                  | expression TIMES expression
+                  | expression DIVIDE expression'''
+    if p[2] == '+'  : p[0] = p[1] + p[3]
+    elif p[2] == '-': p[0] = p[1] - p[3]
+    elif p[2] == '*': p[0] = p[1] * p[3]
+    elif p[2] == '/': p[0] = p[1] / p[3]
+
+def p_expression_uminus(p):
+    'expression : MINUS expression %prec UMINUS'
+    p[0] = -p[2]
+
+def p_expression_group(p):
+    'expression : LPAREN expression RPAREN'
+    p[0] = p[2]
+
+def p_expression_float(p):
+    'expression : FLOAT'
+    p[0] = p[1]
+
+def p_expression_int(p):
+    'expression : INT'
+    p[0] = p[1]
+
+def p_expression_name(p):
+    'expression : NAME'
+    try:
+        p[0] = names[p[1]]
+    except LookupError:
+        print("Undefined name '%s'" % p[1])
+        p[0] = 0
+
+def p_error(p):
+    print("Syntax error at '%s'" % p.value)
+
+import ply.yacc as yacc
+yacc.yacc()