ppr 0.0.7 → 0.0.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ppr/safer_generator.rb +113 -52
  3. data/lib/ppr/test_ppr.rb +1 -0
  4. data/lib/ppr/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 48e44434cdd2a83270beb33c69d7d1141cc3333857505910f16cb2baa9fcdbae
4
- data.tar.gz: f3a4d37780596606a2a1957c28a099dac51eef57330ad02f499ad7291821ee61
3
+ metadata.gz: 2042d52e7ba854cb3813ded3c053f15f0d62cf72e3a5c62b3b2546d9fc24e12a
4
+ data.tar.gz: c03dc06cb0f09e56efdae00063e0451389319163b4b674a3d959c22915216dfb
5
5
  SHA512:
6
- metadata.gz: 77bc95d237a38e2979a861ab617b6a86ca31dc1008f85fc54ad82f15cc7f6dbcd1303d88993bb020aca05793eda2377a1ee1f713b19fb0412f670dfe24a83688
7
- data.tar.gz: 04a6ba69898af70b296f1199e9106c3e984b6d8f8df9c81e4cb3d93f96ff77b8b031b14440bef6450eaae2092f8493bcbd7161cd17bce0189ef0a5f5e878da66
6
+ metadata.gz: 5c9c6b98dc45c18bc65a219e7c220b55bfd606d411f1bbcd28ad12bd42cd6271dc224725cb1ad8521e5211f657e3c99627883426252ad5917f9fafd07235113a
7
+ data.tar.gz: b687e440a1fd675306a070258c0b8807b2725c4a133d05602f9fb7134a1b1073c0a451d63a9f4dc2c07bba151d18ce223bd628cf543c211ccdac7f66de18e018
data/lib/ppr/safer_generator.rb CHANGED
@@ -43,6 +43,16 @@ class SaferGenerator
43
43
  methods = DANGER_METHODS + @black_methods
44
44
  # Gather the constants to strip.
45
45
  constants = DANGER_CONSTANTS + @black_constants
46
+ # Save the dangerous methods in a private safe.
47
+ @safe_of_methods = {}
48
+ methods.each do |meth|
49
+ @safe_of_methods[meth]=method(meth)
50
+ end
51
+ # Save the dangerous constants in a private safe.
52
+ @safe_of_constants = {}
53
+ constants.each do |cst|
54
+ @safe_of_constants[cst] = Object.send(:const_get,cst)
55
+ end
46
56
  # Strip the dangerous methods.
47
57
  methods.each do |meth|
48
58
  Kernel.send(:undef_method,meth)
@@ -53,6 +63,21 @@ class SaferGenerator
53
63
  end
54
64
  end
55
65
 
66
+ # Restores all the stripped Kernel methods and constants appart from the
67
+ # elements of the white list.
68
+ # Also strip Object from dangerous methods and constants apart
69
+ # from the elements of the white list.
70
+ def unsecure
71
+ # Restores the dangerous methods in a private safe.
72
+ @safe_of_methods.each do |(name,pr)|
73
+ Kernel.send(:define_method,name,&pr)
74
+ end
75
+ # Restors the dangerous constants in a private safe.
76
+ @safe_of_constants.each do |(name,cst)|
77
+ Object.const_set(name,cst)
78
+ end
79
+ end
80
+
56
81
 
57
82
  # Executes +block+ in a safe context for generating text into a +stream+.
58
83
  #
@@ -65,61 +90,97 @@ class SaferGenerator
65
90
  end
66
91
  # Creates the pipe for communicating with the block.
67
92
  rd,wr = IO.pipe
68
- # Creates a process for executing the block.
69
- pid = fork
70
- if pid then
71
- # This is the parent: waits for the block execution result.
72
- # No need to write on the pipe. close it.
73
- wr.close
74
- # Read the result of the process and send it to stream
75
- until rd.eof?
76
- stream << rd.read
77
- end
78
- # No more need of rd.
79
- rd.close
80
- # Wait the end of the child process
81
- Process.wait(pid)
82
- # Where there a trouble?
83
- unless $?.exited? then
84
- # pid did not exit, internal error.
85
- raise "*Internal error*: safer process #{pid} did not exit."
86
- end
87
- if $?.exitstatus !=0 then
88
- # Reconstruct the exception from the stream, the exit
89
- # status is the number of line to use.
90
- e0 = Marshal.load( stream.string.each_line.
91
- to_a[-$?.exitstatus..-1].join )
92
- # Then resend the eception encapsulated into another one
93
- # telling the safer process failed.
94
- begin
95
- raise e0
96
- rescue Exception => e1
97
- raise SaferException.new("*Error*: exception occured in safer process #{pid}.")
98
- end
99
- end
100
- else
101
- # This is the child: enter in safe mode and execute the block.
102
- # No need to write on the pipe. close it.
103
- rd.close
104
- # Secure.
105
- secure
106
- # Execute the block.
93
+ # # Creates a process for executing the block.
94
+ # pid = fork
95
+ # if pid then
96
+ # # This is the parent: waits for the block execution result.
97
+ # # No need to write on the pipe. close it.
98
+ # wr.close
99
+ # # Read the result of the process and send it to stream
100
+ # until rd.eof?
101
+ # stream << rd.read
102
+ # end
103
+ # # No more need of rd.
104
+ # rd.close
105
+ # # Wait the end of the child process
106
+ # Process.wait(pid)
107
+ # # Where there a trouble?
108
+ # unless $?.exited? then
109
+ # # pid did not exit, internal error.
110
+ # raise "*Internal error*: safer process #{pid} did not exit."
111
+ # end
112
+ # if $?.exitstatus !=0 then
113
+ # # Reconstruct the exception from the stream, the exit
114
+ # # status is the number of line to use.
115
+ # e0 = Marshal.load( stream.string.each_line.
116
+ # to_a[-$?.exitstatus..-1].join )
117
+ # # Then resend the eception encapsulated into another one
118
+ # # telling the safer process failed.
119
+ # begin
120
+ # raise e0
121
+ # rescue Exception => e1
122
+ # raise SaferException.new("*Error*: exception occured in safer process #{pid}.")
123
+ # end
124
+ # end
125
+ # else
126
+ # # This is the child: enter in safe mode and execute the block.
127
+ # # No need to write on the pipe. close it.
128
+ # rd.close
129
+ # # Secure.
130
+ # secure
131
+ # # Execute the block.
132
+ # begin
133
+ # block.call(wr)
134
+ # rescue Exception => e
135
+ # # The exception is serialized and passed to the main process
136
+ # # through the pipe.
137
+ # e = Marshal.dump(e)
138
+ # wr << "\n" << e
139
+ # # The exit status is the number of line of the serialized
140
+ # # exception.
141
+ # exit!(e.each_line.count)
142
+ # end
143
+ # # No more need of wr.
144
+ # wr.close
145
+ # # End the process without any error.
146
+ # exit!(0)
147
+ # end
148
+ #
149
+ # # Is there a string to return?
150
+ # if to_return then
151
+ # return stream.string
152
+ # else
153
+ # return nil
154
+ # end
155
+
156
+ # Secure.
157
+ secure
158
+ trouble = nil
159
+ # Execute the block.
160
+ begin
161
+ block.call(wr)
162
+ rescue Exception => e
163
+ trouble = e
164
+ end
165
+ # No more need of wr.
166
+ wr.close
167
+
168
+ # Unsecure and process the result.
169
+ unsecure
170
+ # Read the result of the process and send it to stream
171
+ until rd.eof?
172
+ stream << rd.read
173
+ end
174
+ # No more need of rd.
175
+ rd.close
176
+ if trouble then
107
177
  begin
108
- block.call(wr)
109
- rescue Exception => e
110
- # The exception is serialized and passed to the main process
111
- # through the pipe.
112
- e = Marshal.dump(e)
113
- wr << "\n" << e
114
- # The exit status is the number of line of the serialized
115
- # exception.
116
- exit!(e.each_line.count)
178
+ raise trouble
179
+ rescue Exception => e1
180
+ raise SaferException.new("*Error*: exception occured in safe mode.")
117
181
  end
118
- # No more need of wr.
119
- wr.close
120
- # End the process without any error.
121
- exit!(0)
122
182
  end
183
+
123
184
  # Is there a string to return?
124
185
  if to_return then
125
186
  return stream.string
data/lib/ppr/test_ppr.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  ######################################################################
4
4
 
5
5
  require "ppr.rb"
6
+ require 'stringio'
6
7
 
7
8
  # Function for testing a preprocessor
8
9
  def test_preprocessor(preprocessor,input,expected)
data/lib/ppr/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Ppr
2
- VERSION = "0.0.7"
2
+ VERSION = "0.0.8"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ppr
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.7
4
+ version: 0.0.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lovic Gauthier