safe_ruby 0.0.1 → 1.0.0

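--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7d4ffe979b9bf21d82a84ddcde617929e662043a
- data.tar.gz: 4e4df66000d092c3dbf313bb7466864e3fbb6b80
+ metadata.gz: de496912b7b02e5c957d14dfd8f948ad61b67e91
+ data.tar.gz: dd35f9355735b7ea5c8b8142487b0e94543eb3bc
  SHA512:
- metadata.gz: 62d8d6995ba25aea59887d21b11ccc9dbd2429a930989cca4b04d854ad2271afbe0cb033e13c747a9222d43bc4773a0a1337fb8ec0b75311b28f9443ffdf4644
- data.tar.gz: 45a67beadc6238612f86c4f99f49c160f7a0603687720c24b793d8ba9b5f22c85dfe0408b70199e43ea53024a3c10cf88e472b14fedf8d8a7f84f32e2ef0a344
+ metadata.gz: f99d15ed28e01b364fc7875be6cac1e6dbb0cf8f5e017b799c4e88219e8b62867f2dbc709cee31a831787918985ddd28644d11adffe97eee7d3b11f3cf38ffe0
+ data.tar.gz: 4e71378723c608036ac912b5b329a96d73dc2decfb100df314cef0fa27d9fa2514fa8c463bbd72d261dcc3832ab979dd33c65df8d1f9edee0c461dc9134e6cda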
@@ -5,5 +5,5 @@ require_relative 'make_safe_code'
5
5
  require_relative 'safe_ruby_runner'
6
6
 
7
7
  class SafeRuby
8
- VERSION = "0.0.0"
8
+ VERSION = "1.0.0"
9
9
  end
@@ -1,14 +1,18 @@
1
+ class EvalError < StandardError
2
+ def initialize(msg); super; end
3
+ end
4
+
1
5
  class SafeRuby
2
- def initialize(code)
3
- @code = code
4
- end
6
+ DEFAULTS = { timeout: 5 }
5
7
 
6
- def self.eval(code)
7
- new(code).eval
8
+ def initialize(code, options={})
9
+ @code = code
10
+ options = DEFAULTS.merge(options)
11
+ @timeout = options[:timeout]
8
12
  end
9
13
 
10
- def self.check(code, expected)
11
- eval(code) == eval(expected)
14
+ def self.eval(code, options={})
15
+ new(code, options).eval
12
16
  end
13
17
 
14
18
  def eval
@@ -18,14 +22,29 @@ class SafeRuby
18
22
  process.io.stdout = write
19
23
  process.io.stderr = write
20
24
  process.start
21
- process.wait
25
+ begin
26
+ process.poll_for_exit(@timeout)
27
+ rescue ChildProcess::TimeoutError => e
28
+ process.stop # tries increasingly harsher methods to kill the process.
29
+ return e
30
+ end
22
31
  write.close
32
+ temp.unlink
23
33
  end
24
34
 
25
35
  data = read.read
26
- Marshal.load(data) rescue data
36
+ begin
37
+ Marshal.load(data)
38
+ rescue => e
39
+ raise data
40
+ end
41
+ end
42
+
43
+ def self.check(code, expected)
44
+ eval(code) == eval(expected)
27
45
  end
28
46
 
47
+
29
48
  private
30
49
 
31
50
  def build_tempfile
@@ -33,14 +52,10 @@ class SafeRuby
33
52
  file = Tempfile.new('saferuby')
34
53
  file.write(MAKE_SAFE_CODE)
35
54
  file.write <<-STRING
36
- begin
37
- result = eval('#{@code}')
38
- puts Marshal.dump(result)
39
- rescue => e
40
- print e
41
- end
55
+ result = eval('#{@code}')
56
+ print Marshal.dump(result)
42
57
  STRING
43
58
  file.rewind
44
59
  file
45
60
  end
46
- end
61
+ end
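Review bot: `Marshal.load(data)` in `eval` (second hunk of this file, new lines 36-40) deserializes whatever bytes the child process wrote to the shared stdout/stderr pipe, and that child is the process running the untrusted code. Marshal is not safe on input an untrusted party can influence, so if the whitelist in make_safe_code (not shown on this page) leaves the evaluated code any way to write to stdout, the parent's isolation depends on this one call. Consider a data-only encoding for the result channel, for example `print JSON.generate(result)` in the tempfile template and `JSON.parse(data)` in the parent, provided the sandbox keeps JSON available and accepting that only JSON-representable results can be returned. Separately, the timeout branch does `return e`, which hands the `ChildProcess::TimeoutError` back as if it were the evaluation result and skips `write.close` and `temp.unlink`; raising the newly added `EvalError` after cleanup (and in place of `raise data`) would make failures distinguishable. The body of `eval` starts outside the visible hunks, so the cleanup order should be confirmed against the full method.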
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: safe_ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Uku Taht
@@ -24,7 +24,24 @@ dependencies:
24
24
  - - '>='
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.3.9
27
- description: Whatever
27
+ - !ruby/object:Gem::Dependency
28
+ name: rspec
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: 2.14.1
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: 2.14.1
41
+ description: Evaluates ruby code by writing it to a tempfile and spawning a child
42
+ process. Uses a whitelist of methods and constants to keep, for example one cannot
43
+ run system commands in the environment created by this gem. The environment created
44
+ by the untrusted code does not leak out into the parent process.
28
45
  email: uku.taht@gmail.com
29
46
  executables: []
30
47
  extensions: []