PerlMonks  


Thanks for pointing out Opcode.

So here's my opcode hunter:

    #!/usr/bin/perl -w

    use strict;
    use Opcode qw(opset opmask_add opset_to_ops invert_opset);

    my $code = shift;
    defined $code
        or die "Usage: $0 <code> <permitted_opcode> <permitted_opcode> ...\n";

    # skip some masks from prev operations
    my %skip;
    $skip{$_}++ for @ARGV;

    my @all = opset_to_ops(invert_opset(opset()));

    # Try all opcodes, print error if eval failed
    foreach ( @all ) {
        $skip{$_} and next;
        opmask_add(opset($_));
        eval $code and next;
        print "Eval failed on opcode: $_ with error: $@\n";
        exit 1;
    };

    print "Eval OK\n";

For input "my $x; 1" it requires four operators - const padany lineseq leaveeval

padany is the one responsible for the "private variable" error observable in this thread.

Now how come private variable is needed in "eval 1"? SIGDIE is my friend! Sooo... Let's get a stack trace:

    #!/usr/bin/perl -w

    use strict;
    use warnings;
    use 5.012;

    use Safe;
    use Carp;

    my $code = shift;
    die "Usage: $0 <code> <permitted op> <permitted op> ..."
        unless defined $code;
    my @perm = @ARGV;

    print "Trying: $code\n";

    my $compartment = Safe->new;
    $compartment->share('*STDIN');
    $compartment->share('&Dumper');
    $compartment->permit_only(@perm);

    # Trap detailed stack trace
    my $stack;
    local $SIG{__DIE__} = sub { $stack = Carp::longmess(shift) };

    print $compartment->reval($code);
    if ($@) {
        print "Unsafe code detected: $@";
        print "At: $stack";
    }

Here's my stack trace (note Carp complaining).

    bash$ perl safe2.pl 1
    Trying: 1
    Unsafe code detected: 'private value' trapped by operation mask at (eval 5) line 1.
    At: 'private value' trapped by operation mask at (eval 5) line 1.
     at (eval 5) line 1
        eval 'my $__ExPr__;1 ;' called at (eval 4) line 1
        main::__ANON__(** Incomplete caller override detected; @DB::args were not set **) called at /usr/share/perl/5.14/Safe.pm line 358
        eval {...} called at /usr/share/perl/5.14/Safe.pm line 358
        Safe::reval(** Incomplete caller override detected; @DB::args were not set **) called at safe2.pl line 26

Aha, so Safe has added a "my" to my code before executing it. Finally, let's enable the opcodes found by the first script:

    bash$ perl safe2.pl 1 padany const leaveeval lineseq
    Trying: 1
    1

Conclusion: No sensible code will ever be executed by a compartment w/o these four opcodes.

In reply to Re^4: Passing argument into STDIN inside safe.pm reval (Update: which opcodes to enable) by Dallaylaen
in thread Passing argument into STDIN inside safe.pm reval by gideondsouza
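
Added example, not part of the original post: instead of masking opcodes one at a time, it reads the trapped opcode's description out of Safe's error message and maps it back to an opcode name with Opcode's opdesc, repeating until nothing is trapped. `discover_ops` is a hypothetical helper name; arguments follow the post's scripts (code first, then opcodes that are already permitted).

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Safe;
use Opcode qw(opset_to_ops full_opset opdesc);

# The trap message quotes an opcode *description* ('private value'), while
# permit_only()/permit() take opcode *names* (padany). Build the reverse map.
# A description shared by several opcodes maps to all of them.
my @all_ops = opset_to_ops(full_opset());
my @descs   = opdesc(@all_ops);
my %ops_for_desc;
push @{ $ops_for_desc{ $descs[$_] } }, $all_ops[$_] for 0 .. $#all_ops;

# Returns (\@ops_added, $final_error); $final_error is '' on a clean run.
# Once nothing is trapped the snippet really executes inside the compartment,
# so only feed it code you are willing to run.
sub discover_ops {
    my ($code, @start) = @_;
    my $cpt = Safe->new;
    $cpt->permit_only(@start);              # every other opcode is masked
    my (@added, %seen);
    for (1 .. @all_ops) {                   # each pass adds >= 1 op, so this ends
        $cpt->reval($code);
        my $err = $@;
        return (\@added, '') unless $err;
        # Anything that is not an opmask trap (syntax error, die) ends discovery.
        my ($desc) = $err =~ /^'(.+?)' trapped by operation mask/m
            or return (\@added, $err);
        my @new = grep { !$seen{$_}++ } @{ $ops_for_desc{$desc} || [] };
        @new or return (\@added, "cannot map '$desc' to an opcode name\n");
        $cpt->permit(@new);
        push @added, @new;
    }
    return (\@added, "gave up after trying every opcode\n");
}

my $code = @ARGV ? shift @ARGV : '1';       # default: the post's test input
my ($ops, $err) = discover_ops($code, @ARGV);
print "Opcodes that had to be permitted for <$code>: @$ops\n";
print "Stopped on: $err" if $err;
```

The list it prints is what the running perl and Safe versions require, including whatever Safe's own wrapper around the snippet needs.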
