ppr 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ppr/safer_generator.rb +113 -52
  3. data/lib/ppr/test_ppr.rb +1 -0
  4. data/lib/ppr/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 48e44434cdd2a83270beb33c69d7d1141cc3333857505910f16cb2baa9fcdbae
4
- data.tar.gz: f3a4d37780596606a2a1957c28a099dac51eef57330ad02f499ad7291821ee61
3
+ metadata.gz: 2042d52e7ba854cb3813ded3c053f15f0d62cf72e3a5c62b3b2546d9fc24e12a
4
+ data.tar.gz: c03dc06cb0f09e56efdae00063e0451389319163b4b674a3d959c22915216dfb
5
5
  SHA512:
6
- metadata.gz: 77bc95d237a38e2979a861ab617b6a86ca31dc1008f85fc54ad82f15cc7f6dbcd1303d88993bb020aca05793eda2377a1ee1f713b19fb0412f670dfe24a83688
7
- data.tar.gz: 04a6ba69898af70b296f1199e9106c3e984b6d8f8df9c81e4cb3d93f96ff77b8b031b14440bef6450eaae2092f8493bcbd7161cd17bce0189ef0a5f5e878da66
6
+ metadata.gz: 5c9c6b98dc45c18bc65a219e7c220b55bfd606d411f1bbcd28ad12bd42cd6271dc224725cb1ad8521e5211f657e3c99627883426252ad5917f9fafd07235113a
7
+ data.tar.gz: b687e440a1fd675306a070258c0b8807b2725c4a133d05602f9fb7134a1b1073c0a451d63a9f4dc2c07bba151d18ce223bd628cf543c211ccdac7f66de18e018
data/lib/ppr/safer_generator.rb CHANGED
@@ -43,6 +43,16 @@ class SaferGenerator
43
43
  methods = DANGER_METHODS + @black_methods
44
44
  # Gather the constants to strip.
45
45
  constants = DANGER_CONSTANTS + @black_constants
46
+ # Save the dangerous methods in a private safe.
47
+ @safe_of_methods = {}
48
+ methods.each do |meth|
49
+ @safe_of_methods[meth]=method(meth)
50
+ end
51
+ # Save the dangerous constants in a private safe.
52
+ @safe_of_constants = {}
53
+ constants.each do |cst|
54
+ @safe_of_constants[cst] = Object.send(:const_get,cst)
55
+ end
46
56
  # Strip the dangerous methods.
47
57
  methods.each do |meth|
48
58
  Kernel.send(:undef_method,meth)
@@ -53,6 +63,21 @@ class SaferGenerator
53
63
  end
54
64
  end
55
65
 
66
+ # Restores all the stripped Kernel methods and constants appart from the
67
+ # elements of the white list.
68
+ # Also strip Object from dangerous methods and constants apart
69
+ # from the elements of the white list.
70
+ def unsecure
71
+ # Restores the dangerous methods in a private safe.
72
+ @safe_of_methods.each do |(name,pr)|
73
+ Kernel.send(:define_method,name,&pr)
74
+ end
75
+ # Restors the dangerous constants in a private safe.
76
+ @safe_of_constants.each do |(name,cst)|
77
+ Object.const_set(name,cst)
78
+ end
79
+ end
80
+
56
81
 
57
82
  # Executes +block+ in a safe context for generating text into a +stream+.
58
83
  #
@@ -65,61 +90,97 @@ class SaferGenerator
65
90
  end
66
91
  # Creates the pipe for communicating with the block.
67
92
  rd,wr = IO.pipe
68
- # Creates a process for executing the block.
69
- pid = fork
70
- if pid then
71
- # This is the parent: waits for the block execution result.
72
- # No need to write on the pipe. close it.
73
- wr.close
74
- # Read the result of the process and send it to stream
75
- until rd.eof?
76
- stream << rd.read
77
- end
78
- # No more need of rd.
79
- rd.close
80
- # Wait the end of the child process
81
- Process.wait(pid)
82
- # Where there a trouble?
83
- unless $?.exited? then
84
- # pid did not exit, internal error.
85
- raise "*Internal error*: safer process #{pid} did not exit."
86
- end
87
- if $?.exitstatus !=0 then
88
- # Reconstruct the exception from the stream, the exit
89
- # status is the number of line to use.
90
- e0 = Marshal.load( stream.string.each_line.
91
- to_a[-$?.exitstatus..-1].join )
92
- # Then resend the eception encapsulated into another one
93
- # telling the safer process failed.
94
- begin
95
- raise e0
96
- rescue Exception => e1
97
- raise SaferException.new("*Error*: exception occured in safer process #{pid}.")
98
- end
99
- end
100
- else
101
- # This is the child: enter in safe mode and execute the block.
102
- # No need to write on the pipe. close it.
103
- rd.close
104
- # Secure.
105
- secure
106
- # Execute the block.
93
+ # # Creates a process for executing the block.
94
+ # pid = fork
95
+ # if pid then
96
+ # # This is the parent: waits for the block execution result.
97
+ # # No need to write on the pipe. close it.
98
+ # wr.close
99
+ # # Read the result of the process and send it to stream
100
+ # until rd.eof?
101
+ # stream << rd.read
102
+ # end
103
+ # # No more need of rd.
104
+ # rd.close
105
+ # # Wait the end of the child process
106
+ # Process.wait(pid)
107
+ # # Where there a trouble?
108
+ # unless $?.exited? then
109
+ # # pid did not exit, internal error.
110
+ # raise "*Internal error*: safer process #{pid} did not exit."
111
+ # end
112
+ # if $?.exitstatus !=0 then
113
+ # # Reconstruct the exception from the stream, the exit
114
+ # # status is the number of line to use.
115
+ # e0 = Marshal.load( stream.string.each_line.
116
+ # to_a[-$?.exitstatus..-1].join )
117
+ # # Then resend the eception encapsulated into another one
118
+ # # telling the safer process failed.
119
+ # begin
120
+ # raise e0
121
+ # rescue Exception => e1
122
+ # raise SaferException.new("*Error*: exception occured in safer process #{pid}.")
123
+ # end
124
+ # end
125
+ # else
126
+ # # This is the child: enter in safe mode and execute the block.
127
+ # # No need to write on the pipe. close it.
128
+ # rd.close
129
+ # # Secure.
130
+ # secure
131
+ # # Execute the block.
132
+ # begin
133
+ # block.call(wr)
134
+ # rescue Exception => e
135
+ # # The exception is serialized and passed to the main process
136
+ # # through the pipe.
137
+ # e = Marshal.dump(e)
138
+ # wr << "\n" << e
139
+ # # The exit status is the number of line of the serialized
140
+ # # exception.
141
+ # exit!(e.each_line.count)
142
+ # end
143
+ # # No more need of wr.
144
+ # wr.close
145
+ # # End the process without any error.
146
+ # exit!(0)
147
+ # end
148
+ #
149
+ # # Is there a string to return?
150
+ # if to_return then
151
+ # return stream.string
152
+ # else
153
+ # return nil
154
+ # end
155
+
156
+ # Secure.
157
+ secure
158
+ trouble = nil
159
+ # Execute the block.
160
+ begin
161
+ block.call(wr)
162
+ rescue Exception => e
163
+ trouble = e
164
+ end
165
+ # No more need of wr.
166
+ wr.close
167
+
168
+ # Unsecure and process the result.
169
+ unsecure
170
+ # Read the result of the process and send it to stream
171
+ until rd.eof?
172
+ stream << rd.read
173
+ end
174
+ # No more need of rd.
175
+ rd.close
176
+ if trouble then
107
177
  begin
108
- block.call(wr)
109
- rescue Exception => e
110
- # The exception is serialized and passed to the main process
111
- # through the pipe.
112
- e = Marshal.dump(e)
113
- wr << "\n" << e
114
- # The exit status is the number of line of the serialized
115
- # exception.
116
- exit!(e.each_line.count)
178
+ raise trouble
179
+ rescue Exception => e1
180
+ raise SaferException.new("*Error*: exception occured in safe mode.")
117
181
  end
118
- # No more need of wr.
119
- wr.close
120
- # End the process without any error.
121
- exit!(0)
122
182
  end
183
+
123
184
  # Is there a string to return?
124
185
  if to_return then
125
186
  return stream.string
data/lib/ppr/test_ppr.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  ######################################################################
4
4
 
5
5
  require "ppr.rb"
6
+ require 'stringio'
6
7
 
7
8
  # Function for testing a preprocessor
8
9
  def test_preprocessor(preprocessor,input,expected)
data/lib/ppr/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Ppr
2
- VERSION = "0.0.7"
2
+ VERSION = "0.0.8"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ppr
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.7
4
+ version: 0.0.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lovic Gauthier