Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Rubeque got hacked from a call "puts ENV". Handling the fix by unsett…

…ing ENV in sicuro.
  • Loading branch information...
commit a1c9dcc4653e67f1df9be3d6eb3866b624b797c4 1 parent 4ae8718
David Davis authored
Showing with 15 additions and 6 deletions.
  1. +1 −1  Gemfile
  2. +8 −3 Gemfile.lock
  3. +6 −2 app/classes/code_executor.rb
View
2  Gemfile
@@ -9,7 +9,7 @@ gem 'jquery-rails'
gem 'devise', '~> 2.0.4'
gem "rinku"
gem 'exception_notification', :require => 'exception_notifier'
-gem 'sicuro'
+gem 'sicuro', git: "git://github.com/daviddavis/sicuro.git"
gem 'mongoid-history'
gem 'kaminari'
gem 'chosen-rails'
View
11 Gemfile.lock
@@ -1,3 +1,10 @@
+GIT
+ remote: git://github.com/daviddavis/sicuro.git
+ revision: 31ab9a3aa9ce544ea619e9ed48419a5dfc29a92a
+ specs:
+ sicuro (0.0.7)
+ fakefs
+
GEM
remote: http://rubygems.org/
specs:
@@ -234,8 +241,6 @@ GEM
ffi (~> 1.0)
multi_json (~> 1.0)
rubyzip
- sicuro (0.0.7)
- fakefs
spoon (0.0.1)
sprockets (2.1.2)
hike (~> 1.2)
@@ -300,7 +305,7 @@ DEPENDENCIES
rubyheap (~> 0.1.1)
sass-rails (~> 3.2.3)
selenium-webdriver
- sicuro
+ sicuro!
turn (= 0.8.2)
uglifier (>= 1.0.3)
uuid (~> 2.3.5)
View
8 app/classes/code_executor.rb
@@ -35,9 +35,9 @@ def execute
end
ERROR_PATTERNS.each {|re| @errors << result if result =~ re}
- if @result == "<timeout hit>"
+ if result == "<timeout hit>"
@errors << "Your solution timed out."
- elsif @result.strip != @uid && @errors.empty?
+ elsif result != @uid && @errors.empty?
@errors << "Solution contained unexpected output or returned prematurely#{Rails.env.prodution? ? '.' : ": #{result}"}"
end
@@ -64,6 +64,10 @@ def combined_code
[pre_code, @code, post_code].join("\n")
end
+ def result
+ @result.to_s
+ end
+
PRECODE = <<-code
def assert_equal(x, y, message = nil)
if x != y
Please sign in to comment.
Something went wrong with that request. Please try again.