module Toycol::Helper

Public Instance Methods

logger(message) click to toggle source
# File lib/toycol/helper.rb, line 5
def logger(message)
  puts "[Toycol] #{message}"
end

Private Instance Methods

safe_execution!(&block) click to toggle source
# File lib/toycol/helper.rb, line 11
def safe_execution!(&block)
  safe_executionable_tp.enable(&block)
end
safe_executionable_tp() click to toggle source
# File lib/toycol/helper.rb, line 15
    def safe_executionable_tp
      @safe_executionable_tp ||= TracePoint.new(:script_compiled) do |tp|
        if tp.binding.receiver == Protocol && tp.method_id.to_s.match?(unauthorized_methods_regex)
          raise UnauthorizeError, <<~ERROR
            - Unauthorized method was called!
            You can't use methods that may cause injections in your protocol.
            Ex. Kernel.#eval, Kernel.#exec, Kernel.#require and so on.
          ERROR
        end
      end
    end
unauthorized_methods_regex() click to toggle source
# File lib/toycol/helper.rb, line 27
def unauthorized_methods_regex
  /(.*eval|.*exec|`.+|%x\(|system|open|require|load)/
end