secure 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. data/lib/secure/child_process.rb +4 -0
  2. data/lib/secure/errors.rb +3 -0
  3. data/lib/secure/parent_process.rb +2 -0
  4. data/lib/secure/version.rb +1 -1
  5. data/spec/secure/runner_spec.rb +20 -0
  6. metadata +4 -4
data/lib/secure/child_process.rb CHANGED
@@ -6,6 +6,8 @@ module Secure
6
6
  read_file.close
7
7
  @pipe = write_file
8
8
  @timeout = opts[:timeout]
9
+ @limit_memory = opts[:limit_memory]
10
+ @limit_cpu = opts[:limit_cpu]
9
11
  end
10
12
 
11
13
  def guard_threads
@@ -13,6 +15,8 @@ module Secure
13
15
  end
14
16
 
15
17
  def safely_run_block
18
+ Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
19
+ Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
16
20
  thread = Thread.start do
17
21
  $SAFE=3
18
22
  yield
data/lib/secure/errors.rb CHANGED
@@ -1,4 +1,7 @@
1
1
  module Secure
2
2
  class TimeoutError < StandardError
3
3
  end
4
+
5
+ class ChildKilledError < StandardError
6
+ end
4
7
  end
data/lib/secure/parent_process.rb CHANGED
@@ -9,6 +9,8 @@ module Secure
9
9
 
10
10
  def execute
11
11
  Marshal.load(Base64.decode64(@pipe.read))
12
+ rescue
13
+ Response.error(ChildKilledError.new("Child has been killed without returning"))
12
14
  end
13
15
  end
14
16
  end
data/lib/secure/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Secure
2
- VERSION = "0.3.0"
2
+ VERSION = "0.4.0"
3
3
  end
data/spec/secure/runner_spec.rb CHANGED
@@ -65,6 +65,26 @@ module Secure
65
65
  response.error.should be_a(Secure::TimeoutError)
66
66
  end
67
67
 
68
+ if RUBY_PLATFORM =~ /darwin/
69
+ pending "should kill a process with too much memory (does not work on OSX)"
70
+ else
71
+ it "should kill a process with too much memory on linux" do
72
+ response = Runner.new(:limit_memory => 10 * 1024).run do
73
+ 'a' * 10 * 1024
74
+ end
75
+ response.should_not be_success
76
+ response.error.should be_a(NoMemoryError)
77
+ end
78
+ end
79
+
80
+ it "kills a process using too much cpu" do
81
+ response = Runner.new(:limit_cpu => 1).run do
82
+ while true; end
83
+ end
84
+ response.should_not be_success
85
+ response.error.should be_a(Secure::ChildKilledError)
86
+ end
87
+
68
88
  it "should not be able to open a file" do
69
89
  response = Runner.new.run do
70
90
  File.open("/etc/passwd")
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 19
4
+ hash: 15
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
- - 3
8
+ - 4
9
9
  - 0
10
- version: 0.3.0
10
+ version: 0.4.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Tejas Dinkar
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-09-02 00:00:00 +05:30
18
+ date: 2011-09-05 00:00:00 +05:30
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency