sqreen 1.15.6-java → 1.15.7.beta1-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/sqreen/js/mini_racer_adapter.rb +85 -40
- data/lib/sqreen/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ce7a33c0d45ac85cb7b769691ef02e4bff94a935192059d8e9caae7e442e4c42
|
|
4
|
+
data.tar.gz: f5bcab2aa9ce1a2afc5804adf14e0523048ad0ba66a89cb9e794ef2da60323f7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6a8eceb60dcfa234f27af93c4fbdc1d9ec6e8ce4857d4d415f16c654f1b35af3bb520892e6557776ff85a40b68bc59063f13804fc31e335a7338a6fba4df13a8
|
|
7
|
+
data.tar.gz: ba74c1bb2880372953f0571e8fdc3ab95b975e8a55efe36760c0e874c0e5526ee1d7bc632a84e0e318b88fc5ce353e53721d6d78a4ca64dde8b5b5e38848304b
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'digest'
|
|
2
|
+
require 'json'
|
|
2
3
|
|
|
3
4
|
module Sqreen
|
|
4
5
|
module Js
|
|
@@ -63,6 +64,89 @@ module Sqreen
|
|
|
63
64
|
end
|
|
64
65
|
end
|
|
65
66
|
|
|
67
|
+
class JsonConversion
|
|
68
|
+
class << self
|
|
69
|
+
if defined?(::JSON::Ext::Generator::State)
|
|
70
|
+
def convert_arguments(_args)
|
|
71
|
+
args = purge_dangerous_objs(_args)
|
|
72
|
+
new_state.generate(args)
|
|
73
|
+
rescue ::JSON::GeneratorError, ::Encoding::UndefinedConversionError
|
|
74
|
+
fixed_args = fixup_bad_encoding(args)
|
|
75
|
+
new_state.generate(fixed_args)
|
|
76
|
+
end
|
|
77
|
+
else
|
|
78
|
+
def convert_arguments(_args)
|
|
79
|
+
args = purge_dangerous_objs(_args)
|
|
80
|
+
args.to_json(new_state)
|
|
81
|
+
rescue ::EncodingError
|
|
82
|
+
fixed_args = fixup_bad_encoding(args)
|
|
83
|
+
fixed_args.to_json(new_state)
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
private
|
|
88
|
+
|
|
89
|
+
def new_state
|
|
90
|
+
::JSON::SAFE_STATE_PROTOTYPE.dup
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def fixup_bad_encoding(arg, max_depth = 100)
|
|
94
|
+
return nil if max_depth <= 0
|
|
95
|
+
|
|
96
|
+
if arg.is_a?(::Array)
|
|
97
|
+
return arg.map { |it| fixup_bad_encoding(it, max_depth - 1) }
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
if arg.is_a?(::Hash)
|
|
101
|
+
return ::Hash[
|
|
102
|
+
arg.map do |k, v|
|
|
103
|
+
[fixup_bad_encoding(k, max_depth - 1),
|
|
104
|
+
fixup_bad_encoding(v, max_depth - 1)]
|
|
105
|
+
end
|
|
106
|
+
]
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
return arg unless arg.is_a?(::String)
|
|
110
|
+
|
|
111
|
+
unless arg.valid_encoding?
|
|
112
|
+
return arg.dup.force_encoding(::Encoding::ISO_8859_1)
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# encoding is valid if it reaches this point
|
|
116
|
+
return arg if arg.encoding == ::Encoding::UTF_8
|
|
117
|
+
|
|
118
|
+
begin
|
|
119
|
+
arg.encode(::Encoding::UTF_8)
|
|
120
|
+
rescue ::Encoding::UndefinedConversionError
|
|
121
|
+
arg.dup.force_encoding(::Encoding::ISO_8859_1)
|
|
122
|
+
end
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def purge_dangerous_objs(arg, max_depth = 100)
|
|
126
|
+
return nil if max_depth <= 0
|
|
127
|
+
|
|
128
|
+
if arg.is_a?(::Array)
|
|
129
|
+
arg.map { |it| purge_dangerous_objs(it, max_depth - 1) }
|
|
130
|
+
elsif arg.is_a?(::Hash)
|
|
131
|
+
Hash[
|
|
132
|
+
arg.map do |k, v|
|
|
133
|
+
[purge_dangerous_objs(k, max_depth - 1),
|
|
134
|
+
purge_dangerous_objs(v, max_depth - 1)]
|
|
135
|
+
end
|
|
136
|
+
]
|
|
137
|
+
elsif arg.is_a?(::String) || arg.nil? || arg == false ||
|
|
138
|
+
arg == true || arg.is_a?(::Fixnum) || arg.is_a?(::Bignum) ||
|
|
139
|
+
arg.is_a?(::Float)
|
|
140
|
+
arg
|
|
141
|
+
elsif arg.respond_to?(:to_json)
|
|
142
|
+
arg.to_s
|
|
143
|
+
else
|
|
144
|
+
arg
|
|
145
|
+
end
|
|
146
|
+
end
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
|
|
66
150
|
class MiniRacerExecutableJs < ExecutableJs
|
|
67
151
|
@@ctx_defined = false
|
|
68
152
|
|
|
@@ -93,7 +177,7 @@ module Sqreen
|
|
|
93
177
|
ctx.add_code(@code_id, @code) unless ctx.has_code?(@code_id)
|
|
94
178
|
|
|
95
179
|
begin
|
|
96
|
-
json_args = convert_arguments(arguments)
|
|
180
|
+
json_args = JsonConversion.convert_arguments(arguments)
|
|
97
181
|
ctx.eval_unsafe(
|
|
98
182
|
"sqreen_data['#{@code_id}']['#{cb_name}'].apply(this, #{json_args})", nil, budget)
|
|
99
183
|
rescue @module::ScriptTerminatedError
|
|
@@ -109,45 +193,6 @@ module Sqreen
|
|
|
109
193
|
|
|
110
194
|
private
|
|
111
195
|
|
|
112
|
-
def convert_arguments(args)
|
|
113
|
-
JSON.generate(args)
|
|
114
|
-
rescue JSON::GeneratorError, Encoding::UndefinedConversionError
|
|
115
|
-
fixed_args = fixup_bad_encoding(args)
|
|
116
|
-
JSON.generate(fixed_args)
|
|
117
|
-
end
|
|
118
|
-
|
|
119
|
-
def fixup_bad_encoding(arg, max_depth = 100)
|
|
120
|
-
return nil if max_depth <= 0
|
|
121
|
-
|
|
122
|
-
if arg.is_a?(Array)
|
|
123
|
-
return arg.map { |it| fixup_bad_encoding(it, max_depth - 1) }
|
|
124
|
-
end
|
|
125
|
-
|
|
126
|
-
if arg.is_a?(Hash)
|
|
127
|
-
return Hash[
|
|
128
|
-
arg.map do |k, v|
|
|
129
|
-
[fixup_bad_encoding(k, max_depth - 1),
|
|
130
|
-
fixup_bad_encoding(v, max_depth - 1)]
|
|
131
|
-
end
|
|
132
|
-
]
|
|
133
|
-
end
|
|
134
|
-
|
|
135
|
-
return arg unless arg.is_a?(String)
|
|
136
|
-
|
|
137
|
-
unless arg.valid_encoding?
|
|
138
|
-
return arg.dup.force_encoding(Encoding::ISO_8859_1)
|
|
139
|
-
end
|
|
140
|
-
|
|
141
|
-
# encoding is valid if it reaches this point
|
|
142
|
-
return arg if arg.encoding == Encoding::UTF_8
|
|
143
|
-
|
|
144
|
-
begin
|
|
145
|
-
arg.encode(Encoding::UTF_8)
|
|
146
|
-
rescue Encoding::UndefinedConversionError
|
|
147
|
-
arg.dup.force_encoding(Encoding::ISO_8859_1)
|
|
148
|
-
end
|
|
149
|
-
end
|
|
150
|
-
|
|
151
196
|
class << self
|
|
152
197
|
def define_sqreen_context(modoole)
|
|
153
198
|
# Context specialized for Sqreen usage
|
data/lib/sqreen/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqreen
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.15.
|
|
4
|
+
version: 1.15.7.beta1
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Sqreen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-11-
|
|
11
|
+
date: 2018-11-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -148,9 +148,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
148
148
|
version: '0'
|
|
149
149
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
150
150
|
requirements:
|
|
151
|
-
- - "
|
|
151
|
+
- - ">"
|
|
152
152
|
- !ruby/object:Gem::Version
|
|
153
|
-
version:
|
|
153
|
+
version: 1.3.1
|
|
154
154
|
requirements: []
|
|
155
155
|
rubyforge_project:
|
|
156
156
|
rubygems_version: 2.7.7
|