instant 0.0.3 → 0.0.4

data/instant.gemspec CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = "instant"
5
- s.version = "0.0.3"
5
+ s.version = "0.0.4"
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Francis Chong"]
@@ -3,24 +3,31 @@ require 'timeout'
3
3
 
4
4
  module Instant
5
5
  class Runner
6
- def initialize(processor = Processor.new)
6
+ def initialize(processor = Processor.new, timeout=1)
7
7
  @processor = processor
8
+ @timeout = timeout
8
9
  end
9
10
 
10
- def run(source, timeout=1)
11
+ def run(source)
11
12
  begin
12
13
  @processed = @processor.process(source)
13
14
  context = Context.new
14
15
  return_value = nil
15
16
 
16
- begin
17
- Timeout::timeout(timeout) do
18
- return_value = context.instance_eval(@processed)
17
+ begin
18
+ thread = Thread.new do
19
+ $SAFE = 3
20
+ Timeout::timeout(@timeout) do
21
+ return_value = context.instance_eval(@processed)
22
+ end
19
23
  end
24
+ thread.join
20
25
  ensure
21
26
  context.close
22
27
  end
23
28
  {:status => :ok, :result => context.to_s, :return_value => return_value}
29
+ rescue SecurityError => e
30
+ {:status => :error, :cause => :security_error, :message => format_error(e), :result => context.to_s }
24
31
  rescue SyntaxError => e
25
32
  {:status => :error, :cause => :syntax_error, :message => format_error(e), :result => context.to_s }
26
33
  rescue Racc::ParseError => e
@@ -28,7 +35,7 @@ module Instant
28
35
  rescue Instant::LoopTooDeepError => e
29
36
  {:status => :error, :cause => :loop_too_deep, :message => "Loop too deep", :result => context.to_s }
30
37
  rescue Timeout::Error => e
31
- {:status => :error, :cause => :timeout, :message => "Timeout: code take more than #{timeout}s to run.", :result => context.to_s }
38
+ {:status => :error, :cause => :timeout, :message => "Timeout: code take more than #{@timeout}s to run.", :result => context.to_s }
32
39
  rescue StandardError => e
33
40
  {:status => :error, :cause => :unknown, :message => format_error(e), :result => context.to_s }
34
41
  end
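Review bot: `$SAFE = 3` inside the new thread is the only barrier around `context.instance_eval(@processed)`, and it is taint-based hardening rather than an isolation boundary: the evaluated source still shares the host's process, memory and file descriptors, and the timeout does nothing to bound memory use. Later Ruby releases dropped safe levels above 1 and, from 3.0, `$SAFE` has no effect at all, so on a newer interpreter this line either raises or protects nothing. If the source is untrusted, the eval belongs in a separate short-lived process with OS-level limits (unprivileged user, rlimits, container or seccomp policy), and the line should at least carry `# $SAFE is defence in depth only, not a sandbox; untrusted source needs process-level isolation`. Separately, moving `timeout` from `run` to `initialize` makes existing two-argument `run(source, 5)` calls raise ArgumentError in a patch release, so `run` could keep an optional second parameter that defaults to `@timeout`. Part of the rescue chain of `run` lies between the two hunks and is not shown.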
@@ -1,3 +1,3 @@
1
1
  module Instant
2
- VERSION = "0.0.3"
2
+ VERSION = "0.0.4"
3
3
  end
@@ -80,5 +80,23 @@ describe Instant::Runner do
80
80
  results = result[:result].split("\n")
81
81
  results[0].strip.should =~ /k = 1/
82
82
  end
83
+
84
+ it "should guard against dangerous code" do
85
+ source = "def hello
86
+ k = 1
87
+ fork do
88
+ puts 'haha!'
89
+ end
90
+ end; hello"
91
+
92
+ runner = Instant::Runner.new
93
+ result = runner.run(source)
94
+ result[:status].should == :error
95
+ result[:cause].should == :security_error
96
+
97
+ results = result[:result].split("\n")
98
+ results[0].strip.should =~ /k = 1/
99
+
100
+ end
83
101
  end
84
102
  end
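Review bot: The new example "should guard against dangerous code" exercises a single denied call (`fork`), so a pass says little about the guard as a whole, and nothing visible here covers the timeout that moved into `Runner.new`. Consider naming it for what it checks, e.g. `it "should report fork as a security_error" do`, and adding an example that builds `Instant::Runner.new(Instant::Processor.new, 2)` and asserts the `:timeout` cause and the `2s` in the message. The rest of the spec file is outside this hunk, so such a case may already exist.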
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: instant
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -13,7 +13,7 @@ date: 2012-04-22 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: ruby2ruby
16
- requirement: &70272864264440 !ruby/object:Gem::Requirement
16
+ requirement: &70152269239240 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ~>
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: 1.3.1
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *70272864264440
24
+ version_requirements: *70152269239240
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: ruby_parser
27
- requirement: &70272864263620 !ruby/object:Gem::Requirement
27
+ requirement: &70152269236960 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ~>
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: 2.3.1
33
33
  type: :runtime
34
34
  prerelease: false
35
- version_requirements: *70272864263620
35
+ version_requirements: *70152269236960
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: rspec
38
- requirement: &70272864263040 !ruby/object:Gem::Requirement
38
+ requirement: &70152269236140 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ~>
@@ -43,10 +43,10 @@ dependencies:
43
43
  version: 2.9.0
44
44
  type: :development
45
45
  prerelease: false
46
- version_requirements: *70272864263040
46
+ version_requirements: *70152269236140
47
47
  - !ruby/object:Gem::Dependency
48
48
  name: rake
49
- requirement: &70272864262320 !ruby/object:Gem::Requirement
49
+ requirement: &70152269235360 !ruby/object:Gem::Requirement
50
50
  none: false
51
51
  requirements:
52
52
  - - ~>
@@ -54,10 +54,10 @@ dependencies:
54
54
  version: '1.1'
55
55
  type: :development
56
56
  prerelease: false
57
- version_requirements: *70272864262320
57
+ version_requirements: *70152269235360
58
58
  - !ruby/object:Gem::Dependency
59
59
  name: echoe
60
- requirement: &70272864261780 !ruby/object:Gem::Requirement
60
+ requirement: &70152269234860 !ruby/object:Gem::Requirement
61
61
  none: false
62
62
  requirements:
63
63
  - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
65
65
  version: '0'
66
66
  type: :development
67
67
  prerelease: false
68
- version_requirements: *70272864261780
68
+ version_requirements: *70152269234860
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: autotest
71
- requirement: &70272864260820 !ruby/object:Gem::Requirement
71
+ requirement: &70152269233940 !ruby/object:Gem::Requirement
72
72
  none: false
73
73
  requirements:
74
74
  - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
76
76
  version: '0'
77
77
  type: :development
78
78
  prerelease: false
79
- version_requirements: *70272864260820
79
+ version_requirements: *70152269233940
80
80
  - !ruby/object:Gem::Dependency
81
81
  name: pry
82
- requirement: &70272864259600 !ruby/object:Gem::Requirement
82
+ requirement: &70152269232540 !ruby/object:Gem::Requirement
83
83
  none: false
84
84
  requirements:
85
85
  - - ! '>='
@@ -87,7 +87,7 @@ dependencies:
87
87
  version: '0'
88
88
  type: :development
89
89
  prerelease: false
90
- version_requirements: *70272864259600
90
+ version_requirements: *70152269232540
91
91
  description: An experiment on real time visualize development tool.
92
92
  email: francis@ignition.hk
93
93
  executables: []