def test_minimum_sys_modules():
# builtins stay
builtin_module = ModuleType('my_builtin')
modules = {'my_builtin': builtin_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
# tainted evict
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
assert tainted_module.__path__ == []
# tainted cleaned
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path', 'good_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
assert tainted_module.__path__ == ['good_path']
def test_minimum_sys_modules():
# builtins stay
builtin_module = ModuleType('my_builtin')
modules = {'my_builtin': builtin_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
# tainted evict
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
assert tainted_module.__path__ == []
# tainted cleaned
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path', 'good_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
assert tainted_module.__path__ == ['good_path']
def test_minimum_sys_modules():
# builtins stay
builtin_module = ModuleType('my_builtin')
modules = {'my_builtin': builtin_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
# tainted evict
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
assert tainted_module.__path__ == []
# tainted cleaned
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path', 'good_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
assert tainted_module.__path__ == ['good_path']
# If __path__ is not a list the module is removed; typically this implies
# it's a namespace package (https://www.python.org/dev/peps/pep-0420/) where
# __path__ is a _NamespacePath.
try:
from importlib._bootstrap_external import _NamespacePath
bad_path = _NamespacePath("hello", "world", None)
except ImportError:
bad_path = {"hello": "world"}
class FakeModule(object):
pass
tainted_module = FakeModule()
tainted_module.__path__ = bad_path # Not a list as expected
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
def test_minimum_sys_modules():
# builtins stay
builtin_module = ModuleType('my_builtin')
modules = {'my_builtin': builtin_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
# tainted evict
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
assert tainted_module.__path__ == []
# tainted cleaned
tainted_module = ModuleType('tainted_module')
tainted_module.__path__ = ['bad_path', 'good_path']
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules([], modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == modules
assert tainted_module.__path__ == ['good_path']
# If __path__ is not a list the module is removed; typically this implies
# it's a namespace package (https://www.python.org/dev/peps/pep-0420/) where
# __path__ is a _NamespacePath.
try:
from importlib._bootstrap_external import _NamespacePath
bad_path = _NamespacePath("hello", "world", None)
except ImportError:
bad_path = {"hello": "world"}
class FakeModule(object):
pass
tainted_module = FakeModule()
tainted_module.__path__ = bad_path # Not a list as expected
modules = {'tainted_module': tainted_module}
new_modules = PEX.minimum_sys_modules(['bad_path'], modules)
assert new_modules == {}
def test_minimum_sys_modules():
# tainted modules evict
tainted_module = ModuleType("tainted_module")
tainted_module.__file__ = "bad_path"
modules = {"tainted_module": tainted_module}
new_modules = PEX.minimum_sys_modules(site_libs=[], modules=modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(site_libs=["bad_path"],
modules=modules)
assert new_modules == {}
# builtins stay
builtin_module = ModuleType("my_builtin")
stdlib_module = ModuleType("my_stdlib")
stdlib_module.__file__ = "good_path"
modules = {"my_builtin": builtin_module, "my_stdlib": stdlib_module}
new_modules = PEX.minimum_sys_modules(site_libs=[], modules=modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(site_libs=["bad_path"],
modules=modules)
assert new_modules == modules
# tainted packages evict
tainted_module = ModuleType("tainted_module")
tainted_module.__path__ = ["bad_path"]
modules = {"tainted_module": tainted_module}
new_modules = PEX.minimum_sys_modules(site_libs=[], modules=modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(site_libs=["bad_path"],
modules=modules)
assert new_modules == {}
assert tainted_module.__path__ == []
# tainted packages cleaned
tainted_module = ModuleType("tainted_module")
tainted_module.__path__ = ["bad_path", "good_path"]
modules = {"tainted_module": tainted_module}
new_modules = PEX.minimum_sys_modules(site_libs=[], modules=modules)
assert new_modules == modules
new_modules = PEX.minimum_sys_modules(site_libs=["bad_path"],
modules=modules)
assert new_modules == modules
assert tainted_module.__path__ == ["good_path"]
# If __path__ is not a list the module is removed; typically this implies
# it's a namespace package (https://www.python.org/dev/peps/pep-0420/) where
# __path__ is a _NamespacePath.
try:
from importlib._bootstrap_external import _NamespacePath
bad_path = _NamespacePath("hello", "world", None)
except ImportError:
bad_path = {"hello": "world"}
class FakeModule(object):
pass
tainted_module = FakeModule()
tainted_module.__path__ = bad_path # Not a list as expected
modules = {"tainted_module": tainted_module}
new_modules = PEX.minimum_sys_modules(site_libs=["bad_path"],
modules=modules)
assert new_modules == {}
# If __file__ is explicitly None we should gracefully proceed to __path__ checks.
tainted_module = ModuleType("tainted_module")
tainted_module.__file__ = None
modules = {"tainted_module": tainted_module}
new_modules = PEX.minimum_sys_modules(site_libs=[], modules=modules)
assert new_modules == modules
