1

I am new to python. I searched and trying following approach:

I have 3rd party application called "xyz", which takes n argument.

I would like to warp this "xyz" into my module called "abc.py" which required m arguments.

I would like to read and keep my m arguments and pass remaining n argument to "xyz"

Note: the number of n argument is huge, so it would best if we dont need to re state same number of argument in my module and directly pass to "xyz"

Hope it should be possible and I didn't confused.

Thanks for the help.

Chetan
  • 172
  • 1
  • 12
  • Note that you should avoid `os.system`, *especially* when dealing with user provided data. `os.system` spawns a subshell, and this means that malign arguments may execute arbitrary code. Use `subprocess.call` instead. – Bakuriu May 29 '13 at 18:48
  • possible duplicate of [Calling an external command in Python](http://stackoverflow.com/questions/89228/calling-an-external-command-in-python) – Wolf Sep 24 '14 at 12:24

2 Answers2

2

Let's say your external program "xyz" is echo.

import subprocess
import sys

m = 3 # number of args for abc.py; remainder goes to external program 'echo'
args = sys.argv
abc_args = args[1:m+1]
echo_args = args[m+1:]

cmd = ['echo']
cmd.extend(echo_args)
subprocess.call(cmd)

This results in

$ python abc.py 1 2 3 4 5 6
4 5 6
Kim
  • 3,316
  • 5
  • 25
  • 28
0

Python will receive command line arguments in the sys.argv array. This is just an array of values passed on the command line.

If you want to take some of the arguments for use in python, just remove them from sys.argv, then pass the rest to os.system.

import sys

args = []
for arg in sys.argv:
  if isPythonArg(arg):
    savePythonArg(arg)
  else:
    args.append(arg)

os.system("xyz" + " ".join(args))
Chris
  • 16,872
  • 1
  • 15
  • 16
  • What if someone types: `$python abc.py --some python --arguments ; rm -fr TheRootDirectory`? – Bakuriu May 29 '13 at 18:47
  • I won't suggest that this is an intelligent thing to do. Merely answering the answer I think the original poster asked. – Chris May 29 '13 at 19:29
  • The problem is not that the user is stupid to add those parameters, but the fact that it is *possible* to add parameters and execute arbitrary code. An hacker could use this vulnerability and insert arguments that the user didn't want to add(and this is not theoretical. Is what actually happens, even though usually there aren't such huge flaws in good programs). – Bakuriu May 29 '13 at 21:13