Trusted modules (#496)

Author: vtereshkov

playground/umka.js

@@ -343,17 +343,17 @@ int moduleAdd(Modules *modules, const char *path)
 }
 
 
-char *moduleFindSource(Modules *modules, const char *path)
+ModuleSource *moduleFindSource(Modules *modules, const char *path)
 {
     unsigned int pathHash = hash(path);
     for (int i = 0; i < modules->numModuleSources; i++)
         if (modules->moduleSource[i]->pathHash == pathHash && strcmp(modules->moduleSource[i]->path, path) == 0)
-            return modules->moduleSource[i]->source;
+            return modules->moduleSource[i];
     return NULL;
 }
 
 
-void moduleAddSource(Modules *modules, const char *path, const char *source)
+void moduleAddSource(Modules *modules, const char *path, const char *source, bool trusted)
 {
     if (modules->numModuleSources >= MAX_MODULES)
         modules->error->handler(modules->error->context, "Too many module sources");
@@ -380,6 +380,7 @@ void moduleAddSource(Modules *modules, const char *path, const char *source)
     moduleSource->source[sourceLen] = 0;
 
     moduleSource->pathHash = hash(path);
+    moduleSource->trusted = trusted;
 
     modules->moduleSource[modules->numModuleSources++] = moduleSource;
 }
@@ -621,12 +622,13 @@ External *externalFind(Externals *externals, const char *name)
 }
 
 
-External *externalAdd(Externals *externals, const char *name, void *entry)
+External *externalAdd(Externals *externals, const char *name, void *entry, bool resolveInTrusted)
 {
     External *external = malloc(sizeof(External));
 
     external->entry = entry;
     external->resolved = false;
+    external->resolveInTrusted = resolveInTrusted;
 
     strncpy(external->name, name, DEFAULT_STR_LEN);
     external->name[DEFAULT_STR_LEN] = 0;

src/umka_common.c

@@ -142,6 +142,7 @@ typedef struct
     char path[DEFAULT_STR_LEN + 1], folder[DEFAULT_STR_LEN + 1], name[DEFAULT_STR_LEN + 1];
     unsigned int pathHash;
     char *source;
+    bool trusted;
 } ModuleSource;
 
 
@@ -180,7 +181,7 @@ typedef struct tagExternal
     char name[DEFAULT_STR_LEN + 1];
     unsigned int hash;
     void *entry;
-    bool resolved;
+    bool resolved, resolveInTrusted;
     struct tagExternal *next;
 } External;
 
@@ -222,8 +223,8 @@ void  moduleNameFromPath        (Modules *modules, const char *path, char *folde
 int   moduleFind                (Modules *modules, const char *path);
 int   moduleFindImported        (Modules *modules, Blocks *blocks, const char *name);
 int   moduleAdd                 (Modules *modules, const char *path);
-char *moduleFindSource          (Modules *modules, const char *path);
-void  moduleAddSource           (Modules *modules, const char *path, const char *source);
+ModuleSource *moduleFindSource  (Modules *modules, const char *path);
+void  moduleAddSource           (Modules *modules, const char *path, const char *source, bool trusted);
 void *moduleGetImplLibFunc      (Module  *module,  const char *name);
 char *moduleCurFolder           (char *buf, int size);
 bool  modulePathIsAbsolute      (const char *path);
@@ -241,7 +242,7 @@ int  blocksCurrent(Blocks *blocks);
 void externalInit       (Externals *externals);
 void externalFree       (Externals *externals);
 External *externalFind  (Externals *externals, const char *name);
-External *externalAdd   (Externals *externals, const char *name, void *entry);
+External *externalAdd   (Externals *externals, const char *name, void *entry, bool resolveInTrusted);
 
 
 static inline unsigned int hash(const char *str)

src/umka_common.h

@@ -172,27 +172,27 @@ static void compilerDeclareBuiltinIdents(Compiler *comp)
 
 static void compilerDeclareExternalFuncs(Compiler *comp, bool fileSystemEnabled)
 {
-    externalAdd(&comp->externals, "rtlmemcpy",      &rtlmemcpy);
-    externalAdd(&comp->externals, "rtlstdin",       &rtlstdin);
-    externalAdd(&comp->externals, "rtlstdout",      &rtlstdout);
-    externalAdd(&comp->externals, "rtlstderr",      &rtlstderr);
-    externalAdd(&comp->externals, "rtlfopen",       fileSystemEnabled ? &rtlfopen  : &rtlfopenSandbox);
-    externalAdd(&comp->externals, "rtlfclose",      fileSystemEnabled ? &rtlfclose : &rtlfcloseSandbox);
-    externalAdd(&comp->externals, "rtlfread",       fileSystemEnabled ? &rtlfread  : &rtlfreadSandbox);
-    externalAdd(&comp->externals, "rtlfwrite",      fileSystemEnabled ? &rtlfwrite : &rtlfwriteSandbox);
-    externalAdd(&comp->externals, "rtlfseek",       fileSystemEnabled ? &rtlfseek  : &rtlfseekSandbox);
-    externalAdd(&comp->externals, "rtlftell",       fileSystemEnabled ? &rtlftell  : &rtlftellSandbox);
-    externalAdd(&comp->externals, "rtlremove",      fileSystemEnabled ? &rtlremove : &rtlremoveSandbox);
-    externalAdd(&comp->externals, "rtlfeof",        fileSystemEnabled ? &rtlfeof   : &rtlfeofSandbox);
-    externalAdd(&comp->externals, "rtlfflush",      &rtlfflush);
-    externalAdd(&comp->externals, "rtltime",        &rtltime);
-    externalAdd(&comp->externals, "rtlclock",       &rtlclock);
-    externalAdd(&comp->externals, "rtllocaltime",   &rtllocaltime);
-    externalAdd(&comp->externals, "rtlgmtime",      &rtlgmtime);
-    externalAdd(&comp->externals, "rtlmktime",      &rtlmktime);
-    externalAdd(&comp->externals, "rtlgetenv",      fileSystemEnabled ? &rtlgetenv : &rtlgetenvSandbox);
-    externalAdd(&comp->externals, "rtlsystem",      fileSystemEnabled ? &rtlsystem : &rtlsystemSandbox);
-    externalAdd(&comp->externals, "rtltrace",       &rtltrace);
+    externalAdd(&comp->externals, "rtlmemcpy",      &rtlmemcpy,                                           true);
+    externalAdd(&comp->externals, "rtlstdin",       &rtlstdin,                                            true);
+    externalAdd(&comp->externals, "rtlstdout",      &rtlstdout,                                           true);
+    externalAdd(&comp->externals, "rtlstderr",      &rtlstderr,                                           true);
+    externalAdd(&comp->externals, "rtlfopen",       fileSystemEnabled ? &rtlfopen  : &rtlfopenSandbox,    true);
+    externalAdd(&comp->externals, "rtlfclose",      fileSystemEnabled ? &rtlfclose : &rtlfcloseSandbox,   true);
+    externalAdd(&comp->externals, "rtlfread",       fileSystemEnabled ? &rtlfread  : &rtlfreadSandbox,    true);
+    externalAdd(&comp->externals, "rtlfwrite",      fileSystemEnabled ? &rtlfwrite : &rtlfwriteSandbox,   true);
+    externalAdd(&comp->externals, "rtlfseek",       fileSystemEnabled ? &rtlfseek  : &rtlfseekSandbox,    true);
+    externalAdd(&comp->externals, "rtlftell",       fileSystemEnabled ? &rtlftell  : &rtlftellSandbox,    true);
+    externalAdd(&comp->externals, "rtlremove",      fileSystemEnabled ? &rtlremove : &rtlremoveSandbox,   true);
+    externalAdd(&comp->externals, "rtlfeof",        fileSystemEnabled ? &rtlfeof   : &rtlfeofSandbox,     true);
+    externalAdd(&comp->externals, "rtlfflush",      &rtlfflush,                                           true);
+    externalAdd(&comp->externals, "rtltime",        &rtltime,                                             true);
+    externalAdd(&comp->externals, "rtlclock",       &rtlclock,                                            true);
+    externalAdd(&comp->externals, "rtllocaltime",   &rtllocaltime,                                        true);
+    externalAdd(&comp->externals, "rtlgmtime",      &rtlgmtime,                                           true);
+    externalAdd(&comp->externals, "rtlmktime",      &rtlmktime,                                           true);
+    externalAdd(&comp->externals, "rtlgetenv",      fileSystemEnabled ? &rtlgetenv : &rtlgetenvSandbox,   true);
+    externalAdd(&comp->externals, "rtlsystem",      fileSystemEnabled ? &rtlsystem : &rtlsystemSandbox,   true);
+    externalAdd(&comp->externals, "rtltrace",       &rtltrace,                                            true);
 }
 
 
@@ -225,7 +225,7 @@ void compilerInit(Compiler *comp, const char *fileName, const char *sourceString
     comp->lex.tok.pos = 1;
     comp->debug.fnName = "<unknown>";
 
-    lexInit(&comp->lex, &comp->storage, &comp->debug, filePath, sourceString, &comp->error);
+    lexInit(&comp->lex, &comp->storage, &comp->debug, filePath, sourceString, false, &comp->error);
 
     comp->argc  = argc;
     comp->argv  = argv;
@@ -256,7 +256,9 @@ void compilerInit(Compiler *comp, const char *fileName, const char *sourceString
     {
         char runtimeModulePath[DEFAULT_STR_LEN + 1] = "";
         moduleAssertRegularizePath(&comp->modules, runtimeModuleNames[i], comp->modules.curFolder, runtimeModulePath, DEFAULT_STR_LEN + 1);
-        moduleAddSource(&comp->modules, runtimeModulePath, runtimeModuleSources[i]);
+
+        const bool runtimeModuleTrusted = strcmp(runtimeModuleNames[i], "std.um") == 0;
+        moduleAddSource(&comp->modules, runtimeModulePath, runtimeModuleSources[i], runtimeModuleTrusted);
     }
 }
 
@@ -321,7 +323,7 @@ bool compilerAddModule(Compiler *comp, const char *fileName, const char *sourceS
     if (moduleFindSource(&comp->modules, modulePath))
         return false;
 
-    moduleAddSource(&comp->modules, modulePath, sourceString);
+    moduleAddSource(&comp->modules, modulePath, sourceString, false);
     return true;
 }
 
@@ -331,7 +333,7 @@ bool compilerAddFunc(Compiler *comp, const char *name, ExternFunc func)
     if (externalFind(&comp->externals, name))
         return false;
 
-    externalAdd(&comp->externals, name, func);
+    externalAdd(&comp->externals, name, func, false);
     return true;
 }
 

src/umka_compiler.c

@@ -826,8 +826,17 @@ static void parseImportItem(Compiler *comp)
 
     // Module source strings, if any, have precedence over files
     char *sourceString = NULL;
+    bool sourceTrusted = false;
+
     if (moduleRegularizePath(comp->lex.tok.strVal, comp->modules.curFolder, path, DEFAULT_STR_LEN + 1))
-        sourceString = moduleFindSource(&comp->modules, path);
+    {
+        const ModuleSource *sourceDesc = moduleFindSource(&comp->modules, path);
+        if (sourceDesc)
+        {
+            sourceString = sourceDesc->source;
+            sourceTrusted = sourceDesc->trusted;
+        }
+    }
 
     if (!sourceString)
         moduleAssertRegularizePath(&comp->modules, comp->lex.tok.strVal, comp->modules.module[comp->blocks.module]->folder, path, DEFAULT_STR_LEN + 1);
@@ -853,7 +862,7 @@ static void parseImportItem(Compiler *comp)
         int currentModule       = comp->blocks.module;
         DebugInfo currentDebug  = comp->debug;
         Lexer currentLex        = comp->lex;
-        lexInit(&comp->lex, &comp->storage, &comp->debug, path, sourceString, &comp->error);
+        lexInit(&comp->lex, &comp->storage, &comp->debug, path, sourceString, sourceTrusted, &comp->error);
 
         lexNext(&comp->lex);
         importedModule = parseModule(comp);

src/umka_decl.c

@@ -109,7 +109,7 @@ enum
 static unsigned int keywordHash[NUM_KEYWORDS];
 
 
-int lexInit(Lexer *lex, Storage *storage, DebugInfo *debug, const char *fileName, const char *sourceString, Error *error)
+int lexInit(Lexer *lex, Storage *storage, DebugInfo *debug, const char *fileName, const char *sourceString, bool trusted, Error *error)
 {
     // Fill keyword hashes
     for (int i = 0; i < NUM_KEYWORDS; i++)
@@ -120,6 +120,7 @@ int lexInit(Lexer *lex, Storage *storage, DebugInfo *debug, const char *fileName
 
     lex->error = error;
     lex->hasSourceString = false;
+    lex->trusted = trusted;
     lex->buf = NULL;
     int bufLen = 0;
 

src/umka_lexer.c

@@ -118,7 +118,7 @@ typedef struct
 typedef struct
 {
     char *fileName;
-    bool hasSourceString;
+    bool hasSourceString, trusted;
     char *buf;
     int bufPos, line, pos;
     Token tok, prevTok;
@@ -128,7 +128,7 @@ typedef struct
 } Lexer;
 
 
-int lexInit(Lexer *lex, Storage *storage, DebugInfo *debug, const char *fileName, const char *sourceString, Error *error);
+int lexInit(Lexer *lex, Storage *storage, DebugInfo *debug, const char *fileName, const char *sourceString, bool trusted, Error *error);
 void lexFree(Lexer *lex);
 void lexNext(Lexer *lex);
 void lexNextForcedSemicolon(Lexer *lex);

src/umka_lexer.h

@@ -82,7 +82,7 @@ void doResolveExtern(Compiler *comp)
                     if (external->resolved)
                         comp->error.handler(comp->error.context, "External %s is already resolved", ident->name);
 
-                    if (!comp->lex.hasSourceString)
+                    if (!comp->lex.hasSourceString || (external->resolveInTrusted && !comp->lex.trusted))
                         comp->error.handler(comp->error.context, "Cannot resolve %s in this module", ident->name);
 
                     fn = external->entry;