From 4328dde8f85d31d0225e3419f72193b18e3b0dbc Mon Sep 17 00:00:00 2001
From: Paul Sokolovsky
Date: Sun, 21 Jan 2018 14:42:49 +0200
Subject: [PATCH] pickle: Replace exec() with eval(), smaller surface for security issues.
---
 pickle/pickle.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/pickle/pickle.py b/pickle/pickle.py
index 204a8ec6..18c46ae0 100644
--- a/pickle/pickle.py
+++ b/pickle/pickle.py
@@ -18,5 +18,4 @@ def loads(s):
 pkg = qualname.rsplit(".", 1)[0]
 mod = __import__(pkg)
 d[pkg] = mod
- exec("v=" + s, d)
- return d["v"]
+ return eval(s, d)
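Review bot: `return eval(s, d)` still evaluates whatever expression `s` contains, so moving from exec() to eval() narrows the input to a single expression but does not make loads() safe for untrusted data. Nothing visible in the hunk restricts the names reachable through `d`, and the `__import__(pkg)` context line imports a package whose name appears to be derived from the input; the start of loads() is outside the hunk, so that part is inferred. I would state the trust boundary in the code, e.g. `# eval() executes any expression in s; only call loads() on data from a trusted source`, and repeat it in a docstring on loads(). If the serialized format is limited to literals, a literal-only parser would be the real fix, but the hunk does not show what dumps() emits.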