safe_ruby 0.0.1 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7d4ffe979b9bf21d82a84ddcde617929e662043a
4
- data.tar.gz: 4e4df66000d092c3dbf313bb7466864e3fbb6b80
3
+ metadata.gz: de496912b7b02e5c957d14dfd8f948ad61b67e91
4
+ data.tar.gz: dd35f9355735b7ea5c8b8142487b0e94543eb3bc
5
5
  SHA512:
6
- metadata.gz: 62d8d6995ba25aea59887d21b11ccc9dbd2429a930989cca4b04d854ad2271afbe0cb033e13c747a9222d43bc4773a0a1337fb8ec0b75311b28f9443ffdf4644
7
- data.tar.gz: 45a67beadc6238612f86c4f99f49c160f7a0603687720c24b793d8ba9b5f22c85dfe0408b70199e43ea53024a3c10cf88e472b14fedf8d8a7f84f32e2ef0a344
6
+ metadata.gz: f99d15ed28e01b364fc7875be6cac1e6dbb0cf8f5e017b799c4e88219e8b62867f2dbc709cee31a831787918985ddd28644d11adffe97eee7d3b11f3cf38ffe0
7
+ data.tar.gz: 4e71378723c608036ac912b5b329a96d73dc2decfb100df314cef0fa27d9fa2514fa8c463bbd72d261dcc3832ab979dd33c65df8d1f9edee0c461dc9134e6cda
@@ -5,5 +5,5 @@ require_relative 'make_safe_code'
5
5
  require_relative 'safe_ruby_runner'
6
6
 
7
7
  class SafeRuby
8
- VERSION = "0.0.0"
8
+ VERSION = "1.0.0"
9
9
  end
@@ -1,14 +1,18 @@
1
+ class EvalError < StandardError
2
+ def initialize(msg); super; end
3
+ end
4
+
1
5
  class SafeRuby
2
- def initialize(code)
3
- @code = code
4
- end
6
+ DEFAULTS = { timeout: 5 }
5
7
 
6
- def self.eval(code)
7
- new(code).eval
8
+ def initialize(code, options={})
9
+ @code = code
10
+ options = DEFAULTS.merge(options)
11
+ @timeout = options[:timeout]
8
12
  end
9
13
 
10
- def self.check(code, expected)
11
- eval(code) == eval(expected)
14
+ def self.eval(code, options={})
15
+ new(code, options).eval
12
16
  end
13
17
 
14
18
  def eval
@@ -18,14 +22,29 @@ class SafeRuby
18
22
  process.io.stdout = write
19
23
  process.io.stderr = write
20
24
  process.start
21
- process.wait
25
+ begin
26
+ process.poll_for_exit(@timeout)
27
+ rescue ChildProcess::TimeoutError => e
28
+ process.stop # tries increasingly harsher methods to kill the process.
29
+ return e
30
+ end
22
31
  write.close
32
+ temp.unlink
23
33
  end
24
34
 
25
35
  data = read.read
26
- Marshal.load(data) rescue data
36
+ begin
37
+ Marshal.load(data)
38
+ rescue => e
39
+ raise data
40
+ end
41
+ end
42
+
43
+ def self.check(code, expected)
44
+ eval(code) == eval(expected)
27
45
  end
28
46
 
47
+
29
48
  private
30
49
 
31
50
  def build_tempfile
@@ -33,14 +52,10 @@ class SafeRuby
33
52
  file = Tempfile.new('saferuby')
34
53
  file.write(MAKE_SAFE_CODE)
35
54
  file.write <<-STRING
36
- begin
37
- result = eval('#{@code}')
38
- puts Marshal.dump(result)
39
- rescue => e
40
- print e
41
- end
55
+ result = eval('#{@code}')
56
+ print Marshal.dump(result)
42
57
  STRING
43
58
  file.rewind
44
59
  file
45
60
  end
46
- end
61
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Uku Taht
@@ -24,7 +24,24 @@ dependencies:
24
24
  - - '>='
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.3.9
27
- description: Whatever
27
+ - !ruby/object:Gem::Dependency
28
+ name: rspec
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: 2.14.1
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: 2.14.1
41
+ description: Evaluates ruby code by writing it to a tempfile and spawning a child
42
+ process. Uses a whitelist of methods and constants to keep, for example one cannot
43
+ run system commands in the environment created by this gem. The environment created
44
+ by the untrusted code does not leak out into the parent process.
28
45
  email: uku.taht@gmail.com
29
46
  executables: []
30
47
  extensions: []