You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2016/09/09 13:28:14 UTC
couch commit: updated refs/heads/master to 092dec8
Repository: couchdb-couch
Updated Branches:
refs/heads/master 72869b8bf -> 092dec86b
option to disable runtime code evaluation
Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/092dec86
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/092dec86
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/092dec86
Branch: refs/heads/master
Commit: 092dec86bbf068e0ab99f6586668260515fc86a9
Parents: 72869b8
Author: Randall Leeds <ra...@apache.org>
Authored: Sat Apr 23 17:49:34 2016 -0700
Committer: Robert Newson <rn...@apache.org>
Committed: Fri Sep 9 14:12:47 2016 +0100
----------------------------------------------------------------------
priv/couch_js/help.h | 1 +
priv/couch_js/main.c | 23 ++++++++++++++++++++++-
priv/couch_js/util.c | 2 ++
priv/couch_js/util.h | 1 +
4 files changed, 26 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/092dec86/priv/couch_js/help.h
----------------------------------------------------------------------
diff --git a/priv/couch_js/help.h b/priv/couch_js/help.h
index 7601e9d..e6afaa8 100644
--- a/priv/couch_js/help.h
+++ b/priv/couch_js/help.h
@@ -54,6 +54,7 @@ static const char USAGE_TEMPLATE[] =
" most SIZE bytes of memory to be allocated\n"
" -u FILE path to a .uri file containing the address\n"
" (or addresses) of one or more servers\n"
+ " --no-eval Disable runtime code evaluation\n"
"\n"
"Report bugs at <%s>.\n";
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/092dec86/priv/couch_js/main.c
----------------------------------------------------------------------
diff --git a/priv/couch_js/main.c b/priv/couch_js/main.c
index 50d072c..dabeb19 100644
--- a/priv/couch_js/main.c
+++ b/priv/couch_js/main.c
@@ -349,6 +349,26 @@ static JSFunctionSpec global_functions[] = {
};
+static JSBool
+csp_allows(JSContext* cx)
+{
+ couch_args *args = (couch_args*)JS_GetContextPrivate(cx);
+ if(args->no_eval) {
+ return JS_FALSE;
+ } else {
+ return JS_TRUE;
+ }
+}
+
+
+static JSSecurityCallbacks security_callbacks = {
+ NULL,
+ NULL,
+ NULL,
+ csp_allows
+};
+
+
int
main(int argc, const char* argv[])
{
@@ -382,7 +402,8 @@ main(int argc, const char* argv[])
JS_SetOptions(cx, JSOPTION_TYPE_INFERENCE);
#endif
JS_SetContextPrivate(cx, args);
-
+ JS_SetRuntimeSecurityCallbacks(rt, &security_callbacks);
+
SETUP_REQUEST(cx);
global = JS_NewCompartmentAndGlobalObject(cx, &global_class, NULL);
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/092dec86/priv/couch_js/util.c
----------------------------------------------------------------------
diff --git a/priv/couch_js/util.c b/priv/couch_js/util.c
index 2f2a2a7..7919025 100644
--- a/priv/couch_js/util.c
+++ b/priv/couch_js/util.c
@@ -98,6 +98,8 @@ couch_parse_args(int argc, const char* argv[])
}
} else if(strcmp("-u", argv[i]) == 0) {
args->uri_file = argv[++i];
+ } else if(strcmp("--no-eval", argv[i]) == 0) {
+ args->no_eval = 1;
} else if(strcmp("--", argv[i]) == 0) {
i++;
break;
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/092dec86/priv/couch_js/util.h
----------------------------------------------------------------------
diff --git a/priv/couch_js/util.h b/priv/couch_js/util.h
index 3c71f69..062469d 100644
--- a/priv/couch_js/util.h
+++ b/priv/couch_js/util.h
@@ -16,6 +16,7 @@
#include <jsapi.h>
typedef struct {
+ int no_eval;
int use_http;
int use_test_funs;
int stack_size;