Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Concept
Eval
Summary
In some programming languages, eval , short for the English evaluate, is a function which evaluates a string as though it were an expression in the language, and returns a result; in others, it executes multiple lines of code as though they had been included instead of the line including the eval. The input to eval is not necessarily a string; it may be structured representation of code, such as an abstract syntax tree (like Lisp forms), or of special type such as code (as in Python). The analog for a statement is exec, which executes a string (or code in other format) as if it were a statement; in some languages, such as Python, both are present, while in other languages only one of either eval or exec is.
Eval and apply are instances of meta-circular evaluators, interpreters of a language that can be invoked within the language itself.
Using eval with data from an untrusted source may introduce security vulnerabilities. For instance, assuming that the get_data() function gets data from the Internet, this Python code is insecure:
session['authenticated'] = False
data = get_data()
foo = eval(data)
An attacker could supply the program with the string "session.update(authenticated=True)" as data, which would update the session dictionary to set an authenticated key to be True. To remedy this, all data which will be used with eval must be escaped, or it must be run without access to potentially harmful functions.
In interpreted languages, eval is almost always implemented with the same interpreter as normal code. In compiled languages, the same compiler used to compile programs may be embedded in programs using the eval function; separate interpreters are sometimes used, though this results in code duplication.
In JavaScript, eval is something of a hybrid between an expression evaluator and a statement executor. It returns the result of the last expression evaluated.
Example as an expression evaluator:
foo = 2;
alert(eval('foo + 2'));
Example as a statement executor:
foo = 2;
eval('foo = foo + 2;alert(foo);');
One use of JavaScript's eval is to parse JSON text, perhaps as part of an Ajax framework.
Official source
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.