Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to compile text as a function using AST?

Tags:

python

exec

abstract-syntax-tree

I need to compile an input string (from a database) as a function and run it. This is the method I currently use:

Say I already have this function defined:

def foo():
    print "Yo foo! I am a function!"

And the string I read in from the database says I should call this function:

string_from_db = "foo()"

I then form a function (whose name I can control) which returns the function I read in from the database:

my_func_string = "def doTheFunc():\n\t return " + string_from_db

Now I compile the string, and set it to a function name I use later for processing:

exec my_func_string
processor = doTheFunc

I can call it later by running processor() which exclaims: Yo foo! I am a function!

My Question: Above this piece of code there is a comment (left by a long lost developer):

    ###############################################################
    # The following method for getting a function out of the text #
    # in the database could potentially be replaced by using      #
    # Python's ast module to obtain an abstract syntax tree and   #
    # put it inside of a function node                            #
    ###############################################################

I'd like to know more about this "potential replacement." I have taken a look at AST, but I am very confused on how it can help me do what I am already doing with the code above.

  1. How can I accomplish the same thing using AST? Or where can AST help me in this process?
  2. Is the implementation using AST better, and why?
like image 437
dinkelk Avatar asked Nov 12 '12 19:11

dinkelk

1 Answers

AST is a much safer choice when evaluating untrusted code, that could contain malicious instructions, eval or exec can execute any expression, while AST on the other hand, allows you to parse and validate the expression yourself, or execute a limited expression using ast.literal_eval, sort of like a sandbox, which allows only strings, lists, numbers and a few other things. This is just a simple example:

import ast
a = ast.literal_eval("[1,2,3,4]") //evaluate an expression safely.

Another example that parses a string into an AST:

import ast
source = '2 + 2'
node = ast.parse(source, mode='eval')
ast.dump(node)

This prints:

Expression(body=BinOp(left=Num(n=2), op=Add(), right=Num(n=2)))

There's a very good tutorial here and also the documentation

like image 178
iabdalkader Avatar answered Oct 17 '22 06:10

iabdalkader
Sign in to Comment

Related questions

Widget-based web framework in Python (similar to vaadin, GWT or zkoss)
how to iterate over all the objects in a PDF page and check which ones are text objects?
how to receive regex from command line in python
How to build “vectorized” building blocks using itertools module?
Date format using gviz_api.py
How to specify encoding to fileinput
How to round an RGB value to the closest web safe value with PIL (Python Imaging Library)?
xmlsec1 sign works on command line but fails on Python code
Using Multiprocessing module for updating Tkinter GUI
Using memcache.add() instead of set()
Attributes to a subclass of pandas.DataFrame disappear after pickle
Using Search API Python - Google App Engine Big Table
How to add a bootstrap script to tox's virtualenv?
Python Paramiko timeout with long execution, need full output
HTML form data not received by Tornado class
type hint for an instance of a non specific dataclass
What's the difference between dir() and __dir__?
Pyspark --py-files doesn't work
How to hyperlink in a Jupyter notebook?
Start() vs run() for threads in Python?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!