added error handling, basic tests

ukutaht · ukutaht · commit b3488f1ef505 · 2013-12-05T09:37:00.000-06:00
diff --git a/.rspec b/.rspec
@@ -0,0 +1,2 @@
+--color
+--format progress
diff --git a/Gemfile b/Gemfile
@@ -1,3 +1,4 @@
 source 'https://rubygems.org'
 
-gem 'childprocess'
+gem 'childprocess', '>= 0.3.9'
+gem 'rspec', '>= 2.14.1'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -3,10 +3,20 @@ GEM
   specs:
     childprocess (0.3.9)
       ffi (~> 1.0, >= 1.0.11)
+    diff-lcs (1.2.4)
     ffi (1.9.3)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.7)
+    rspec-expectations (2.14.4)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.4)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  childprocess
+  childprocess (>= 0.3.9)
+  rspec (>= 2.14.1)
diff --git a/lib/.DS_Store b/lib/.DS_Store
diff --git a/lib/safe_ruby.rb b/lib/safe_ruby.rb
@@ -1,59 +1,9 @@
+require 'childprocess'
 require_relative 'method_whitelist'
 require_relative 'constant_whitelist'
 require_relative 'make_safe_code'
-require 'childprocess'
+require_relative 'safe_ruby_runner'
 
 class SafeRuby
-  def initialize(code)
-    @code = code
-  end
-
-  def self.eval(code)
-    new(code).eval
-  end
-
-  def self.check(code, expected)
-    eval(code) == eval(expected)
-  end
-
-  def eval
-    temp = build_tempfile
-    read, write = IO.pipe
-    # readerr, writeerr = IO.pipe
-    ChildProcess.build("ruby", temp.path).tap do |process|
-      process.io.stdout = write
-      process.io.stderr = write
-      process.start
-      process.wait
-      write.close
-    end
-
-    data = read.read
-    p data
-    Marshal.load(data)
-    # if data.empty?
-    #   readerr.read
-    # else
-    #   Marshal.load(data)
-    # end
-  end
-  private
-
-  def build_tempfile
-    require 'tempfile'
-    file = Tempfile.new('saferuby')
-    file.write(MAKE_SAFE_CODE)
-    file.write <<-STRING
-      begin
-        result = eval('#{@code}')
-        $stdout.puts Marshal.dump(result)
-      rescue => e
-        $stderr.puts e
-      end
-    STRING
-    file.rewind
-    file
-  end
-end
-
-p SafeRuby.check('system("ls")', "[2,3,4]")
+	VERSION = "0.0.1"
+end
diff --git a/lib/safe_ruby_runner.rb b/lib/safe_ruby_runner.rb
@@ -0,0 +1,54 @@
+class EvalError < StandardError
+  def initialize(msg); super; end
+end
+
+class SafeRuby
+  def initialize(code)
+    @code = code
+  end
+
+  def self.eval(code)
+    new(code).eval
+  end
+
+  def self.check(code, expected)
+    eval(code) == eval(expected)
+  end
+
+  def eval
+    temp = build_tempfile
+    read, write = IO.pipe
+    ChildProcess.build("ruby", temp.path).tap do |process|
+      process.io.stdout = write
+      process.io.stderr = write
+      process.start
+      process.wait
+      write.close
+    end
+
+    data = read.read
+    begin
+      Marshal.load(data)
+    rescue => e 
+      raise EvalError.new(data)
+    end
+  end
+
+  private
+
+  def build_tempfile
+    require 'tempfile'
+    file = Tempfile.new('saferuby')
+    file.write(MAKE_SAFE_CODE)
+    file.write <<-STRING
+      begin
+        result = eval('#{@code}')
+        print Marshal.dump(result)
+      rescue => e
+        print e.message
+      end
+    STRING
+    file.rewind
+    file
+  end
+end
diff --git a/safe_ruby-0.0.1.gem b/safe_ruby-0.0.1.gem
diff --git a/safe_ruby.gemspec b/safe_ruby.gemspec
@@ -1,13 +1,15 @@
 Gem::Specification.new do |s|
   s.name        = 'safe_ruby'
-  s.version     = '0.0.0'
+  s.version     = '0.0.1'
   s.date        = '2013-12-04'
   s.summary     = "Run untrusted ruby code in a safe environment"
-  s.description = "Whatever"
+  s.description = "Evaluates ruby code by writing it to a tempfile and spawning a child process. Uses a whitelist of methods and constants to keep, for example one cannot run system commands in the environment created by this gem. The environment created by the untrusted code does not leak out into the parent process."
   s.authors     = ["Uku Taht"]
   s.email       = 'uku.taht@gmail.com'
-  s.files       = ["lib/safe_ruby.rb", "lib/constant_whitelist.rb", "lib/make_safe.rb", "lib/method_whitelist.rb"]
+  s.files       = ["lib/safe_ruby.rb", "lib/constant_whitelist.rb", "lib/make_safe_code.rb", "lib/method_whitelist.rb", "lib/safe_ruby_runner.rb"]
   s.homepage    =
     'http://rubygems.org/gems/safe_ruby'
   s.license       = 'MIT'
+  s.add_runtime_dependency 'childprocess', '>= 0.3.9'
+  s.add_development_dependency 'rspec', '>= 2.14.1'
 end
diff --git a/spec/safe_ruby_spec.rb b/spec/safe_ruby_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe SafeRuby do
+	describe '#eval' do
+		it 'allows basic operations' do
+			expect{ SafeRuby.eval("4 + 5") }.to_not raise_error
+			expect{ SafeRuby.eval("[4, 5].map{|n| n+1}") }.to_not raise_error
+		end
+
+		it 'does not allow malicious operations' do
+			expect{ SafeRuby.eval("system('ls')") }.to raise_error
+			expect{ SafeRuby.eval("`ls`") }.to raise_error
+			expect{ SafeRuby.eval("Kernel.abort") }.to raise_error
+		end
+	end
+end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -0,0 +1,8 @@
+require 'safe_ruby'
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  config.order = 'random'
+end
