Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow Resource Files In Addition To Source Files #25

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

asmr-hex
Copy link
Collaborator

@asmr-hex asmr-hex commented Aug 31, 2018

Overview

currently we only allow users to submit source code and the xaqt public API only allows code to be submitted via a stringified representation of the source rather than a filename. Since in some applications it may be necessary for the user submitted code to rely on external resources files (e.g. in machine learning applications where the source may need to read/write parameters to a file, etc.), this PR introduces support for adding an arbitrary number of external resource files. In actuality, these resource files could also be other source code files which the entrypoint source file imports or references. Additionally, we add the option of specifying source files rather than just stringified source code.

Major Changes

  • introduce Code struct for describing the representation of submitted code
  • introduce constants.go file (not very big right now but we should use it more in the future to avoid magic strings)
  • introduce code to copy, rewrite, cleanup resource files to/from docker container
  • refactor tests into test suites using the Testify test framework
  • write a few unit tests for payload copying/rewriting to/from docker container

Notes

we may have to rebase onto master if PR #24 is merged first.

this PR resolves issue #22

connorwalsh added 3 commits August 30, 2018 01:13
Major Changes:
* introduce public `Code` struct
* modify `(*context).Evaluate()` & `(*sandbox).run()` to accept `Code`
  struct
* introduce logic to move source files and resource files into tmp
  mounted docker directory
* refactored `cmd` and tests

Notes:
since we will be allowing the user's program to potentially write to a
resource file, we should add some security to ensure that the program
isn't dumping data into these files in an unbounded way. a malicious
program might want to do that to use up al storage.
Major Changes:
* introduce `constants.go` file to organize all package level consts
* add comment in `context_test.go` distinguishing it as public API
  functional tests
* organize whitebox tests into suites (using Testify library) which
  are invoked in `main_test.go`
* test `(*sandbox).PrepareTmpDir()` against three cases:
  (1) user code supplied as string
  (2) user code supplied as file
  (3) user code supplied as file with resource files
* test user code rewrite function, `(*sandbox).rewriteUserFiles()`
* introduce `(*sandbox).copyFiles()` for copying files
* introduce `(*sandbox).cleanup()` to be called after execution
@asmr-hex asmr-hex added the enhancement New feature or request label Aug 31, 2018
@asmr-hex asmr-hex requested review from frenata and nefelin August 31, 2018 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants