Example #1
0
def pool_worker_main(item: WorkItemInput,
                     output: multiprocessing.queues.Queue) -> None:
    try:
        # TODO figure out a more reliable way to suppress this. Redirect output?
        # Ignore ctrl-c in workers to reduce noisy tracebacks (the parent will kill us):
        signal.signal(signal.SIGINT, signal.SIG_IGN)

        if hasattr(os, "nice"):  # analysis should run at a low priority
            os.nice(10)
        set_debug(False)
        engage_auditwall()
        (stats, messages) = pool_worker_process_item(item)
        filename = item[0]
        output.put((filename, stats, messages))
    except BaseException as e:
        raise CrosshairInternal("Worker failed while analyzing " +
                                filename) from e
Example #2
0
def mypy_and_check(cmd_args: Optional[List[str]] = None) -> None:
    if cmd_args is None:
        cmd_args = sys.argv[1:]
    cmd_args = ["check"] + cmd_args
    check_args, mypy_args = command_line_parser().parse_known_args(cmd_args)
    set_debug(check_args.verbose)
    mypy_cmd_args = mypy_args + check_args.target
    debug("Running mypy with the following arguments:", " ".join(mypy_cmd_args))
    try:
        from mypy import api
    except ModuleNotFoundError:
        print("Unable to find mypy; skipping", file=sys.stderr)
    else:
        _mypy_out, mypy_err, mypy_ret = api.run(mypy_cmd_args)
        print(mypy_err, file=sys.stderr)
        if mypy_ret != 0:
            sys.exit(mypy_ret)
    engage_auditwall()
    debug("Running crosshair with these args:", check_args)
    unwalled_main(check_args)
Example #3
0
def main(cmd_args: Optional[List[str]] = None) -> None:
    if cmd_args is None:
        cmd_args = sys.argv[1:]
    engage_auditwall()
    unwalled_main(cmd_args)
    def test_fs_write_disallowed():
        assert call(["python", __file__, "write_open", "withwall"]) == 10
        assert call(["python", __file__, "write_open", "withoutwall"]) != 10

    def test_http_disallowed():
        assert call(["python", __file__, "http", "withwall"]) == 10

    def test_unlink_disallowed():
        assert call(["python", __file__, "unlink", "withwall"]) == 10


_ACTIONS = {
    "read_open": lambda: open("/dev/null", "rb"),
    "scandir": lambda: os.scandir("."),
    "import": lambda: __import__("shutil"),
    "write_open": lambda: open("/dev/null", "w"),
    "http": lambda: urllib.request.urlopen("http://localhost/foo"),
    "unlink": lambda: os.unlink("./delme.txt"),
}

if __name__ == "__main__":
    action, wall = sys.argv[1:]
    if wall == "withwall":
        engage_auditwall()

    try:
        _ACTIONS[action]()
    except SideEffectDetected as e:
        print(e)
        sys.exit(10)