From 07149c73c8b8283d5a5594b39feeffd9dfaec8d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Peter=20=C5=A0urda?= <surda@economicsofbitcoin.com>
Date: Sun, 18 Feb 2018 20:14:21 +0100
Subject: [PATCH] Get rid of evals

- eval is evil. Get rid of the remaining evals. They were not assessed
  as dangerous but it's matter of policy now.
---
 src/bitmessagecli.py | 14 ++++++--------
 src/inventory.py     |  5 +----
 2 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/src/bitmessagecli.py b/src/bitmessagecli.py
index d7f4e5a9..05f4506e 100644
--- a/src/bitmessagecli.py
+++ b/src/bitmessagecli.py
@@ -375,10 +375,9 @@ def bmSettings(): #Allows the viewing and modification of keys.dat settings.
         main()
 
 def validAddress(address):
-    address_information = api.decodeAddress(address)
-    address_information = eval(address_information)
+    address_information = json.loads(api.decodeAddress(address))
         
-    if 'success' in str(address_information.get('status')).lower():
+    if 'success' in str(address_information['status']).lower():
         return True
     else:
         return False
@@ -1346,15 +1345,14 @@ def UI(usrInput): #Main user menu
 
     elif usrInput == "addinfo":
         tmp_address = userInput('\nEnter the Bitmessage Address.')
-        address_information = api.decodeAddress(tmp_address)
-        address_information = eval(address_information)
+        address_information = json.loads(api.decodeAddress(tmp_address))
 
         print '\n------------------------------'
         
-        if 'success' in str(address_information.get('status')).lower():
+        if 'success' in str(address_information['status']).lower():
             print ' Valid Address'            
-            print ' Address Version: %s' % str(address_information.get('addressVersion'))
-            print ' Stream Number: %s' % str(address_information.get('streamNumber'))
+            print ' Address Version: %s' % str(address_information['addressVersion'])
+            print ' Stream Number: %s' % str(address_information['streamNumber'])
         else:
             print ' Invalid Address !'
 
diff --git a/src/inventory.py b/src/inventory.py
index 598021fb..8177cbbb 100644
--- a/src/inventory.py
+++ b/src/inventory.py
@@ -18,10 +18,7 @@ class Inventory():
     def __init__(self):
         #super(self.__class__, self).__init__()
         self._moduleName = BMConfigParser().safeGet("inventory", "storage")
-        #import_module("." + self._moduleName, "storage")
-        #import_module("storage." + self._moduleName)
-        self._className = "storage." + self._moduleName + "." + self._moduleName.title() + "Inventory"
-        self._inventoryClass = eval(self._className)
+        self._inventoryClass = getattr(getattr(storage, self._moduleName), "{}Inventory".format(self._moduleName.title()))
         self._realInventory = self._inventoryClass()
         self.numberOfInventoryLookupsPerformed = 0