Python’s `exec()` function allows you to execute dynamically created Python code within your programs. While it can be a powerful tool, it should be used with caution due to security risks. In this article, we’ll explore how to use the `exec()` function in Python, along with examples to illustrate its capabilities.
1. Understanding the `exec()` Function.
The `exec()` function is a built-in Python function that dynamically executes Python code passed to it as a string. Here’s the basic syntax of the `exec()` function:
exec(source, globals=None, locals=None)
`source`: This is the string containing the Python code to be executed.
`globals` (optional): A dictionary that represents the global symbol table. If not provided, it uses the current global symbol table.
`locals` (optional): A dictionary that represents the local symbol table. If not provided, it uses the current local symbol table.
2. Examples of `exec()` Function Usage.
2.1 Simple Expression Evaluation.
You can use `exec()` to evaluate simple expressions:
x = 5 expression = "x = x * 2" exec_result = exec(expression) print(exec_result) # None print(x) # 10
Output. In this example, the code inside the `expression` string is executed, and it doubles the value of `x`.
None 10
2.2 Dynamic Function Creation.
You can create functions dynamically and execute them using `exec()`:
function_code = """ def greet(name): print(f"Hello, {name}!") """ exec(function_code) greet("Jerry") # Hello, Jerry!
Output. In this example, we define a `greet` function dynamically using `exec()`, and then we call it.
Hello, Jerry!
Below is another example that uses exec() function to create a function, but there are loops in the function.
def use_exec_to_create_python_function(): function_code = """ def greet(name): for i in range(3): print(f"Hello, {name}!") """ return function_code if __name__ == "__main__": function_code = use_exec_to_create_python_function() exec(function_code) greet("Jerry")
When you run the above code, it will generate the below output.
Hello, Jerry! Hello, Jerry! Hello, Jerry!
Below is an incorrect function content string that will throw the IndentationError: unexpected indent.
def use_exec_to_create_python_function(): function_code = """ def greet(name): for i in range(3): print(f"Hello, {name}!") """ return function_code
You can read the article How to Fix Python IndentationError: Unexpected Indent with Examples to learn more.
2.3 Reading and Writing Files.
`exec()` can be useful when reading and executing code from external files: There are 2 Python files in this example, one is script.py which contains the Python code below.
print('Hello from python file script.py.')
The other Python file is exec_function_usage.py, it is saved in the same folder as the script.py file, below is the file content.
with open("./script.py", "r") as file: script_code = file.read() exec(script_code)
When you open a command line window, go to the above Python files saved folder and run the command python ./exec_function_usage.py, you will see the below output.
$ python ./exec_function_usage.py Hello from python file script.py.
In this case, the contents of “script.py” are read and executed using `exec()`. Be cautious when executing code from external sources, as it can be a security risk.
2.4 Modifying Variables.
`exec()` can be used to modify variables in a dynamic way: The code passed to `exec()` modifies the value of `x`.
x = 5 exec("x += 1") print(x) # 6
2.5 Loop Generation.
You can use `exec()` to generate and execute loops:
for_loop_script = """ for i in range(3): print('Iteration', i) """ exec(for_loop_script)
This code generates and executes a loop with the help of `exec()`.
Iteration 0 Iteration 1 Iteration 2
If you meet the error message IndentationError: unexpected indent, you can read the article How to Fix Python IndentationError: Unexpected Indent with Examples to learn how to fix it.
3. Security Considerations.
While the `exec()` function provides flexibility, it also poses security risks. When executing code from untrusted sources, be aware of the potential for code injection attacks. Always validate and sanitize user input before using it with `exec()` to prevent vulnerabilities.
4. Conclusion.
The `exec()` function in Python is a powerful tool for executing dynamic code within your programs. It can be used for various tasks, from simple expression evaluation to dynamic function creation.
However, it should be used with caution, especially when handling untrusted input, to mitigate security risks. Understanding the potential uses and risks of `exec()` will help you make informed decisions when incorporating it into your Python programs.