mirror of
https://github.com/str4d/rage.git
synced 2025-04-04 11:27:43 +03:00
age-core: Start plugin binaries in a temporary working directory
We don't want plugin binaries to make any assumptions about where they are run from. The easiest way to ensure this is to always run them from a fresh temporary directory. Closes str4d/rage#200.
This commit is contained in:
Jack Grigg
parent
13e1c35277
commit
42b7ce6958
3 changed files with 60 additions and 4 deletions
50
Cargo.lock
generated
50
Cargo.lock
generated
|
|
@ -127,6 +127,7 @@ dependencies = [
|
|||
"rand 0.7.3",
|
||||
"secrecy",
|
||||
"sha2",
|
||||
"tempfile",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
|
@ -1651,9 +1652,9 @@ checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03"
|
|||
dependencies = [
|
||||
"getrandom 0.1.16",
|
||||
"libc",
|
||||
"rand_chacha",
|
||||
"rand_chacha 0.2.2",
|
||||
"rand_core 0.5.1",
|
||||
"rand_hc",
|
||||
"rand_hc 0.2.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
|
@ -1662,7 +1663,10 @@ version = "0.8.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0ef9e7e66b4468674bfcb0c81af8b7fa0bb154fa9f28eb840da5c447baeb8d7e"
|
||||
dependencies = [
|
||||
"libc",
|
||||
"rand_chacha 0.3.0",
|
||||
"rand_core 0.6.1",
|
||||
"rand_hc 0.3.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
|
@ -1675,6 +1679,16 @@ dependencies = [
|
|||
"rand_core 0.5.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand_chacha"
|
||||
version = "0.3.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e12735cf05c9e10bf21534da50a147b924d555dc7a547c42e6bb2d5b6017ae0d"
|
||||
dependencies = [
|
||||
"ppv-lite86",
|
||||
"rand_core 0.6.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand_core"
|
||||
version = "0.5.1"
|
||||
|
|
@ -1702,6 +1716,15 @@ dependencies = [
|
|||
"rand_core 0.5.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand_hc"
|
||||
version = "0.3.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3190ef7066a446f2e7f42e239d161e905420ccab01eb967c9eb27d21b2322a73"
|
||||
dependencies = [
|
||||
"rand_core 0.6.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rayon"
|
||||
version = "1.5.0"
|
||||
|
|
@ -1769,6 +1792,15 @@ version = "0.6.22"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b5eb417147ba9860a96cfe72a0b93bf88fee1744b5636ec99ab20c1aa9376581"
|
||||
|
||||
[[package]]
|
||||
name = "remove_dir_all"
|
||||
version = "0.5.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7"
|
||||
dependencies = [
|
||||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "roff"
|
||||
version = "0.1.0"
|
||||
|
|
@ -2062,6 +2094,20 @@ dependencies = [
|
|||
"xattr",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tempfile"
|
||||
version = "3.2.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22"
|
||||
dependencies = [
|
||||
"cfg-if 1.0.0",
|
||||
"libc",
|
||||
"rand 0.8.3",
|
||||
"redox_syscall 0.2.4",
|
||||
"remove_dir_all",
|
||||
"winapi",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "termcolor"
|
||||
version = "1.1.2"
|
||||
|
|
|
|||
|
|
@ -34,8 +34,11 @@ nom = { version = "6", default-features = false, features = ["alloc"] }
|
|||
# Secret management
|
||||
secrecy = "0.7"
|
||||
|
||||
# Plugin backend
|
||||
tempfile = { version = "3.2.0", optional = true }
|
||||
|
||||
[features]
|
||||
plugin = []
|
||||
plugin = ["tempfile"]
|
||||
unstable = []
|
||||
|
||||
[lib]
|
||||
|
|
|
|||
|
|
@ -34,13 +34,16 @@ pub struct Connection<R: Read, W: Write> {
|
|||
input: BufReader<R>,
|
||||
output: W,
|
||||
buffer: String,
|
||||
_working_dir: Option<tempfile::TempDir>,
|
||||
}
|
||||
|
||||
impl Connection<ChildStdout, ChildStdin> {
|
||||
/// Start a plugin binary with the given state machine.
|
||||
pub fn open(binary: &Path, state_machine: &str) -> io::Result<Self> {
|
||||
let process = Command::new(binary)
|
||||
let working_dir = tempfile::tempdir()?;
|
||||
let process = Command::new(binary.canonicalize()?)
|
||||
.arg(format!("--age-plugin={}", state_machine))
|
||||
.current_dir(working_dir.path())
|
||||
.stdin(Stdio::piped())
|
||||
.stdout(Stdio::piped())
|
||||
.stderr(Stdio::piped())
|
||||
|
|
@ -51,6 +54,7 @@ impl Connection<ChildStdout, ChildStdin> {
|
|||
input,
|
||||
output,
|
||||
buffer: String::new(),
|
||||
_working_dir: Some(working_dir),
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
@ -62,6 +66,7 @@ impl Connection<io::Stdin, io::Stdout> {
|
|||
input: BufReader::new(io::stdin()),
|
||||
output: io::stdout(),
|
||||
buffer: String::new(),
|
||||
_working_dir: None,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -418,11 +423,13 @@ mod tests {
|
|||
input: BufReader::new(PipeReader::new(plugin_to_client.clone())),
|
||||
output: PipeWriter::new(client_to_plugin.clone()),
|
||||
buffer: String::new(),
|
||||
_working_dir: None,
|
||||
};
|
||||
let mut plugin_conn = Connection {
|
||||
input: BufReader::new(PipeReader::new(client_to_plugin)),
|
||||
output: PipeWriter::new(plugin_to_client),
|
||||
buffer: String::new(),
|
||||
_working_dir: None,
|
||||
};
|
||||
|
||||
client_conn
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue