ppr 0.0.7 → 0.0.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ppr/safer_generator.rb +113 -52
- data/lib/ppr/test_ppr.rb +1 -0
- data/lib/ppr/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2042d52e7ba854cb3813ded3c053f15f0d62cf72e3a5c62b3b2546d9fc24e12a
|
4
|
+
data.tar.gz: c03dc06cb0f09e56efdae00063e0451389319163b4b674a3d959c22915216dfb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c9c6b98dc45c18bc65a219e7c220b55bfd606d411f1bbcd28ad12bd42cd6271dc224725cb1ad8521e5211f657e3c99627883426252ad5917f9fafd07235113a
|
7
|
+
data.tar.gz: b687e440a1fd675306a070258c0b8807b2725c4a133d05602f9fb7134a1b1073c0a451d63a9f4dc2c07bba151d18ce223bd628cf543c211ccdac7f66de18e018
|
data/lib/ppr/safer_generator.rb
CHANGED
@@ -43,6 +43,16 @@ class SaferGenerator
|
|
43
43
|
methods = DANGER_METHODS + @black_methods
|
44
44
|
# Gather the constants to strip.
|
45
45
|
constants = DANGER_CONSTANTS + @black_constants
|
46
|
+
# Save the dangerous methods in a private safe.
|
47
|
+
@safe_of_methods = {}
|
48
|
+
methods.each do |meth|
|
49
|
+
@safe_of_methods[meth]=method(meth)
|
50
|
+
end
|
51
|
+
# Save the dangerous constants in a private safe.
|
52
|
+
@safe_of_constants = {}
|
53
|
+
constants.each do |cst|
|
54
|
+
@safe_of_constants[cst] = Object.send(:const_get,cst)
|
55
|
+
end
|
46
56
|
# Strip the dangerous methods.
|
47
57
|
methods.each do |meth|
|
48
58
|
Kernel.send(:undef_method,meth)
|
@@ -53,6 +63,21 @@ class SaferGenerator
|
|
53
63
|
end
|
54
64
|
end
|
55
65
|
|
66
|
+
# Restores all the stripped Kernel methods and constants appart from the
|
67
|
+
# elements of the white list.
|
68
|
+
# Also strip Object from dangerous methods and constants apart
|
69
|
+
# from the elements of the white list.
|
70
|
+
def unsecure
|
71
|
+
# Restores the dangerous methods in a private safe.
|
72
|
+
@safe_of_methods.each do |(name,pr)|
|
73
|
+
Kernel.send(:define_method,name,&pr)
|
74
|
+
end
|
75
|
+
# Restors the dangerous constants in a private safe.
|
76
|
+
@safe_of_constants.each do |(name,cst)|
|
77
|
+
Object.const_set(name,cst)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
56
81
|
|
57
82
|
# Executes +block+ in a safe context for generating text into a +stream+.
|
58
83
|
#
|
@@ -65,61 +90,97 @@ class SaferGenerator
|
|
65
90
|
end
|
66
91
|
# Creates the pipe for communicating with the block.
|
67
92
|
rd,wr = IO.pipe
|
68
|
-
# Creates a process for executing the block.
|
69
|
-
pid = fork
|
70
|
-
if pid then
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
else
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
93
|
+
# # Creates a process for executing the block.
|
94
|
+
# pid = fork
|
95
|
+
# if pid then
|
96
|
+
# # This is the parent: waits for the block execution result.
|
97
|
+
# # No need to write on the pipe. close it.
|
98
|
+
# wr.close
|
99
|
+
# # Read the result of the process and send it to stream
|
100
|
+
# until rd.eof?
|
101
|
+
# stream << rd.read
|
102
|
+
# end
|
103
|
+
# # No more need of rd.
|
104
|
+
# rd.close
|
105
|
+
# # Wait the end of the child process
|
106
|
+
# Process.wait(pid)
|
107
|
+
# # Where there a trouble?
|
108
|
+
# unless $?.exited? then
|
109
|
+
# # pid did not exit, internal error.
|
110
|
+
# raise "*Internal error*: safer process #{pid} did not exit."
|
111
|
+
# end
|
112
|
+
# if $?.exitstatus !=0 then
|
113
|
+
# # Reconstruct the exception from the stream, the exit
|
114
|
+
# # status is the number of line to use.
|
115
|
+
# e0 = Marshal.load( stream.string.each_line.
|
116
|
+
# to_a[-$?.exitstatus..-1].join )
|
117
|
+
# # Then resend the eception encapsulated into another one
|
118
|
+
# # telling the safer process failed.
|
119
|
+
# begin
|
120
|
+
# raise e0
|
121
|
+
# rescue Exception => e1
|
122
|
+
# raise SaferException.new("*Error*: exception occured in safer process #{pid}.")
|
123
|
+
# end
|
124
|
+
# end
|
125
|
+
# else
|
126
|
+
# # This is the child: enter in safe mode and execute the block.
|
127
|
+
# # No need to write on the pipe. close it.
|
128
|
+
# rd.close
|
129
|
+
# # Secure.
|
130
|
+
# secure
|
131
|
+
# # Execute the block.
|
132
|
+
# begin
|
133
|
+
# block.call(wr)
|
134
|
+
# rescue Exception => e
|
135
|
+
# # The exception is serialized and passed to the main process
|
136
|
+
# # through the pipe.
|
137
|
+
# e = Marshal.dump(e)
|
138
|
+
# wr << "\n" << e
|
139
|
+
# # The exit status is the number of line of the serialized
|
140
|
+
# # exception.
|
141
|
+
# exit!(e.each_line.count)
|
142
|
+
# end
|
143
|
+
# # No more need of wr.
|
144
|
+
# wr.close
|
145
|
+
# # End the process without any error.
|
146
|
+
# exit!(0)
|
147
|
+
# end
|
148
|
+
#
|
149
|
+
# # Is there a string to return?
|
150
|
+
# if to_return then
|
151
|
+
# return stream.string
|
152
|
+
# else
|
153
|
+
# return nil
|
154
|
+
# end
|
155
|
+
|
156
|
+
# Secure.
|
157
|
+
secure
|
158
|
+
trouble = nil
|
159
|
+
# Execute the block.
|
160
|
+
begin
|
161
|
+
block.call(wr)
|
162
|
+
rescue Exception => e
|
163
|
+
trouble = e
|
164
|
+
end
|
165
|
+
# No more need of wr.
|
166
|
+
wr.close
|
167
|
+
|
168
|
+
# Unsecure and process the result.
|
169
|
+
unsecure
|
170
|
+
# Read the result of the process and send it to stream
|
171
|
+
until rd.eof?
|
172
|
+
stream << rd.read
|
173
|
+
end
|
174
|
+
# No more need of rd.
|
175
|
+
rd.close
|
176
|
+
if trouble then
|
107
177
|
begin
|
108
|
-
|
109
|
-
rescue Exception =>
|
110
|
-
|
111
|
-
# through the pipe.
|
112
|
-
e = Marshal.dump(e)
|
113
|
-
wr << "\n" << e
|
114
|
-
# The exit status is the number of line of the serialized
|
115
|
-
# exception.
|
116
|
-
exit!(e.each_line.count)
|
178
|
+
raise trouble
|
179
|
+
rescue Exception => e1
|
180
|
+
raise SaferException.new("*Error*: exception occured in safe mode.")
|
117
181
|
end
|
118
|
-
# No more need of wr.
|
119
|
-
wr.close
|
120
|
-
# End the process without any error.
|
121
|
-
exit!(0)
|
122
182
|
end
|
183
|
+
|
123
184
|
# Is there a string to return?
|
124
185
|
if to_return then
|
125
186
|
return stream.string
|
data/lib/ppr/test_ppr.rb
CHANGED
data/lib/ppr/version.rb
CHANGED