SoFunction
Updated on 2024-10-26

An introduction to the power and hazards of eval in Python

eval is a built-in function in Python that returns the result of an expression passed in as a string. Imagine assigning a variable, writing the expression to the right of the equals sign as a string, taking that string as the argument to eval, and eval's return value being the result of that expression.

The eval function in Python is very flexible but also very dangerous; security is its biggest drawback. This article introduces eval from both angles: its flexibility and its danger.

1. Powerfulness

Here are a few examples to get a feel for converting strings into lists, tuples, and dicts.

a = "[[1,2], [3,4], [5,6], [7,8], [9,0]]"
b = eval(a)
b
Out[3]: [[1, 2], [3, 4], [5, 6], [7, 8], [9, 0]]
type(b)
Out[4]: list
a = "{1: 'a', 2: 'b'}"
b = eval(a)
b
Out[7]: {1: 'a', 2: 'b'}
type(b)
Out[8]: dict
a = "([1,2], [3,4], [5,6], [7,8], (9,0))"
b = eval(a)
b
Out[11]: ([1, 2], [3, 4], [5, 6], [7, 8], (9, 0))

Powerful, isn't it? Give eval a string, and eval returns the value of the expression that string contains.

The syntax of eval is formatted as follows:

eval(expression[, globals[, locals]])

expression : a string holding the expression to evaluate
globals : variable scope, the global namespace; must be a dictionary if supplied.
locals : variable scope, the local namespace; can be any mapping object if supplied.

Let's look at a few examples that combine globals and locals.
Passing {"age":1822} as the globals parameter:

eval("{'name':'linux','age':age}",{"age":1822})

Output: {'name': 'linux', 'age': 1822}

Now also pass the locals parameter:

age=18
eval("{'name':'linux','age':age}",{"age":1822},locals())

From the two examples above you can see that when locals is omitted and globals is supplied, eval looks up the variable in the globals dictionary and evaluates the expression with it.

When both parameters are supplied, locals is searched first and then globals, so a variable in locals takes precedence over a variable of the same name in globals.

2. Dangerous places

Although eval is convenient, you must pay attention to security: because it turns a string into an expression and executes it, it can be used to run system commands, delete files, and perform other operations.
Suppose the input comes from a malicious user. For example:

eval("__import__('os').system('ls /Users//Downloads/')")

After eval() runs, the files in that folder are listed for the user. This statement is actually equivalent to executing the shell command

ls /Users//Downloads/

Then continue with:

eval("__import__('os').system('cat /Users//Downloads/tls_asimov_cert.pem')")

The contents of the file are revealed.
One more delete command and the file disappears. For example:

eval("__import__('os').system('rm /Users//Downloads/Vehicle Forwarding Test.png')")

So when you use eval, you enjoy its flexibility on the one hand, but on the other hand you must pay attention to security.
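As an added example (not code from the original article), the string-to-object conversions from section 1 are done with ast.literal_eval, which accepts only Python literals and therefore raises an error on the dangerous input from section 2 instead of running it, beside a small helper that shows the locals-before-globals lookup order described above. The function names parse_literal, is_safe_literal and lookup_order are this example's own.

```python
import ast


def parse_literal(text):
    """Parse a string holding a list/tuple/dict/number/string literal.

    Unlike eval, ast.literal_eval never calls functions or imports
    modules, so a string such as "__import__('os').system('ls')"
    raises ValueError rather than executing a shell command.
    """
    return ast.literal_eval(text)


def is_safe_literal(text):
    """Return True if `text` parses as a pure literal, False otherwise."""
    try:
        ast.literal_eval(text)
    except (ValueError, SyntaxError):
        return False
    return True


def lookup_order(expr, global_vars, local_vars=None):
    """Evaluate a trusted expression to show that locals shadow globals.

    Names in `expr` are resolved in `local_vars` first, then in
    `global_vars`. Only call this with expressions you wrote yourself.
    """
    if local_vars is None:
        return eval(expr, global_vars)
    return eval(expr, global_vars, local_vars)


if __name__ == "__main__":
    # Constructed inputs mirroring the article's conversions.
    print(parse_literal("[[1,2], [3,4], [5,6]]"))   # [[1, 2], [3, 4], [5, 6]]
    print(parse_literal("{1: 'a', 2: 'b'}"))        # {1: 'a', 2: 'b'}
    # The article's dangerous input is rejected instead of executed.
    print(is_safe_literal("__import__('os').system('ls /tmp')"))  # False
    # globals only -> age is 1822; locals present -> age is 18
    print(lookup_order("{'name': 'linux', 'age': age}", {"age": 1822}))
    print(lookup_order("{'name': 'linux', 'age': age}", {"age": 1822}, {"age": 18}))
```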

The above is a short introduction to the power and hazards of eval in Python. I hope it helps you; if you have any questions, please leave me a message and I will reply in time. Thank you very much for your support of my website!