Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
E
edx-platform
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
edx
edx-platform
Commits
c49b0c50
Commit
c49b0c50
authored
Mar 01, 2013
by
Ned Batchelder
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Have to make the globals json-safe before sending them to the sandbox.
parent
7aa493ec
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
13 deletions
+14
-13
common/lib/codejail/codejail/safe_exec.py
+14
-13
No files found.
common/lib/codejail/codejail/safe_exec.py
View file @
c49b0c50
...
...
@@ -101,7 +101,7 @@ def safe_exec(code, globals_dict, assumed_imports=None, files=None, python_path=
json.dump(g_dict, sys.__stdout__)
"""
))
stdin
=
json
.
dumps
([
code
,
globals_dict
])
stdin
=
json
.
dumps
([
code
,
json_safe
(
globals_dict
)
])
jailed_code
=
""
.
join
(
the_code
)
# Turn this on to see what's being executed.
...
...
@@ -117,16 +117,7 @@ def safe_exec(code, globals_dict, assumed_imports=None, files=None, python_path=
globals_dict
.
update
(
json
.
loads
(
res
.
stdout
))
def
not_safe_exec
(
code
,
globals_dict
,
assumed_imports
=
None
,
files
=
None
,
python_path
=
None
):
"""Another implementation of `safe_exec`, but not safe.
This can be swapped in for debugging problems in sandboxed Python code.
This is not thread-safe, due to temporarily changing the current directory
and modifying sys.path.
"""
def
straw
(
d
):
def
json_safe
(
d
):
"""Return only the JSON-safe part of d.
Used to emulate reading data through a serialization straw.
...
...
@@ -148,7 +139,17 @@ def not_safe_exec(code, globals_dict, assumed_imports=None, files=None, python_p
jd
[
k
]
=
v
return
json
.
loads
(
json
.
dumps
(
jd
))
g_dict
=
straw
(
globals_dict
)
def
not_safe_exec
(
code
,
globals_dict
,
assumed_imports
=
None
,
files
=
None
,
python_path
=
None
):
"""Another implementation of `safe_exec`, but not safe.
This can be swapped in for debugging problems in sandboxed Python code.
This is not thread-safe, due to temporarily changing the current directory
and modifying sys.path.
"""
g_dict
=
json_safe
(
globals_dict
)
for
name
,
modname
in
names_and_modules
(
assumed_imports
or
()):
g_dict
[
name
]
=
lazymod
.
LazyModule
(
modname
)
...
...
@@ -168,7 +169,7 @@ def not_safe_exec(code, globals_dict, assumed_imports=None, files=None, python_p
finally
:
sys
.
path
=
original_path
globals_dict
.
update
(
straw
(
g_dict
))
globals_dict
.
update
(
json_safe
(
g_dict
))
# Running Python code in the sandbox makes it difficult to debug.
# Change 0 to 1 to run the code directly.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
