aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Matteo Bertucci <[email protected]>2021-02-26 14:21:00 +0100
committerGravatar Matteo Bertucci <[email protected]>2021-02-26 14:21:00 +0100
commit9d2c3794a4c95f6c63a7de64172bc35a68403a4c (patch)
treec01d39e6f5862a00fc478da5f08d73ede43972dd
parentProperly hadnle hidden tests starting with test_ (diff)
Use base64 encoded code snippets
Diffstat (limited to '')
-rw-r--r--backend/routes/forms/unittesting.py8
-rw-r--r--resources/unittest_template.py6
2 files changed, 8 insertions, 6 deletions
diff --git a/backend/routes/forms/unittesting.py b/backend/routes/forms/unittesting.py
index 175701f..b12cff2 100644
--- a/backend/routes/forms/unittesting.py
+++ b/backend/routes/forms/unittesting.py
@@ -1,3 +1,4 @@
+import base64
from collections import namedtuple
from itertools import count
from textwrap import indent
@@ -45,10 +46,9 @@ def _make_unit_code(units: dict[str, str]) -> str:
def _make_user_code(code: str) -> str:
- """Compose the user code into an actual string variable."""
- # Make sure that we we escape triple quotes in the user code
- code = code.replace('"""', '\\"""')
- return f'USER_CODE = r"""{code}"""'
+ """Compose the user code into an actual base64-encoded string variable."""
+ code = base64.b64encode(code.encode("utf8")).decode("utf8")
+ return f'USER_CODE = b"{code}"'
async def _post_eval(code: str) -> dict[str, str]:
diff --git a/resources/unittest_template.py b/resources/unittest_template.py
index 38e3be8..2410278 100644
--- a/resources/unittest_template.py
+++ b/resources/unittest_template.py
@@ -1,6 +1,7 @@
# flake8: noqa
"""This template is used inside snekbox to evaluate and test user code."""
import ast
+import base64
import io
import os
import sys
@@ -36,14 +37,15 @@ def _exit_sandbox(code: int) -> NoReturn:
def _load_user_module() -> ModuleType:
"""Load the user code into a new module and return it."""
+ code = base64.b64decode(USER_CODE).decode("utf8")
try:
- ast.parse(USER_CODE, "<input>")
+ ast.parse(code, "<input>")
except SyntaxError:
RESULT.write("".join(traceback.format_exception(*sys.exc_info(), limit=0)))
_exit_sandbox(5)
_module = ModuleType("module")
- exec(USER_CODE, _module.__dict__)
+ exec(code, _module.__dict__)
return _module