How to execute Elixir code on the shell which is in JSON?

Hey,I would like to execute elixir code on the shell which is in JSON format ,also some part of the code should be executed by iex.Can you help me with this as I am new to elixir?

Is youre elixir code wrapped in JSON or is your shell some JSON thing or what exactly do you try to describe here?

When your code is wrapped into a module you can simply compile and load it in IEx using c/1 and l/1 helpers. Then you can use your module as any other.

1 Like

Uhhh, what? Elixir code does not serialize to JSON at any time I’ve ever seen? o.O

Could you describe what you are trying to accomplish instead of the methods of which you are trying to accomplish it? :slight_smile:


Firstly,Thank for your effort.
So here it is,
I have to read a json file which has executable code in elixir in one of its key value pairs .so,I would like to know if I can do it in Elixir and how I can go about it?

My elixir code is wrapped in a json file

For ex:

Somethinng like this

If You have a string You want to convert to a command, You can use Code.eval_string on it.

iex> cmd = "Process.list()"
iex> Code.eval_string cmd
{[#PID<0.0.0>, #PID<0.1.0>, #PID<0.2.0>, #PID<0.3.0>, #PID<0.6.0>, #PID<0.32.0>,
  #PID<0.33.0>, #PID<0.35.0>, #PID<0.36.0>, #PID<0.37.0>, #PID<0.38.0>,
  #PID<0.40.0>, #PID<0.41.0>, #PID<0.42.0>, #PID<0.43.0>, #PID<0.44.0>,
  #PID<0.45.0>, #PID<0.46.0>, #PID<0.47.0>, #PID<0.48.0>, #PID<0.49.0>,
  #PID<0.50.0>, #PID<0.51.0>, #PID<0.52.0>, #PID<0.53.0>, #PID<0.54.0>,
  #PID<0.55.0>, #PID<0.59.0>, #PID<0.60.0>, #PID<0.61.0>, #PID<0.63.0>,
  #PID<0.66.0>, #PID<0.67.0>, #PID<0.68.0>, #PID<0.69.0>, #PID<0.70.0>,
  #PID<0.72.0>, #PID<0.73.0>, #PID<0.74.0>, #PID<0.75.0>, #PID<0.76.0>,
  #PID<0.91.0>, #PID<0.92.0>, #PID<0.93.0>, #PID<0.94.0>, #PID<0.95.0>,
  #PID<0.96.0>, #PID<0.124.0>, #PID<0.125.0>, ...], []}
iex> cmd = "IO.puts \"Hello\"" 
"IO.puts \"Hello\""
iex> Code.eval_string cmd     
{:ok, []}

You just need to collect commands from your json file, and apply Code.eval_string on those.


Thank you so much

Just wanted to add a little warning :warning:
this can be dangerous thing to do if you get this json from an untrusted source (e.g. user input)!
eval is often the cause of big security issues :wink:


I can only second what @kannix said.

Just consider this JSON:

    "cmd": "System.cmd(\"rm\", [\"-rf\", \"/\"])"

Even though it will hopefully not run as root, it will cause you a lot of trouble.

The safer way is to create an API which has some cmd key, which contains a whitelisted string, which you match and dispatch on.
Also depending on this cmd-value you can add a bunch of other key-value-pairs which you use like named parameters. You could then even “typecheck” the argument values first and properly report back errors.

The golden rule about eval like functions in any language: Assume it doesn’t exist.

There are rare cases in which one can use them, but about all of them deal with statically known (or at least known at compiletime) data.


Yeah I prefer to make little sandbox languages, there is erlua for a lua-like language, I’ve made a forth and a lisp’y language, etc… I’d never ever ever eval elixir code from untrusted sources…