From 3ef9b544cddfc4d957f5787e934964ea4e779435 Mon Sep 17 00:00:00 2001
From: Vitaly _Vi Shukela <vi0oss@gmail.com>
Date: Mon, 15 Apr 2013 03:06:03 +0300
Subject: [PATCH] Security: Use EDN to read saved tasks from server

Previous versions of jscfi just executed the code stored on the SCPI.
---
 project.clj                        |  2 +-
 src/org/vi_server/jscfi/engine.clj | 26 +++++++++++++++++++++++---
 2 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/project.clj b/project.clj
index 763587f..fa0786e 100644
--- a/project.clj
+++ b/project.clj
@@ -2,7 +2,7 @@
    jscfi
    "1.7" 
    :description "GUI for uploading MPI programs into PBS-controlled servers" 
-   :dependencies [[org.clojure/clojure "1.3.0-alpha4"] 
+   :dependencies [[org.clojure/clojure "1.5.1"] 
                  #_ "Alpha version because of http://dev.clojure.org/jira/browse/CLJ-855"
                   [org.clojure/tools.logging "0.2.3"]
 		  [com/miglayout/miglayout "3.7.2"]
diff --git a/src/org/vi_server/jscfi/engine.clj b/src/org/vi_server/jscfi/engine.clj
index 4f9ee97..346e3c1 100644
--- a/src/org/vi_server/jscfi/engine.clj
+++ b/src/org/vi_server/jscfi/engine.clj
@@ -19,6 +19,7 @@
       message
       something-changed
       text-info]])
+  (:require clojure.edn)
   (:import
     (com.jcraft.jsch
       ChannelSftp
@@ -61,10 +62,29 @@
  (info (format "Reading script %s with format arguments %s"  script-name args))
  (apply format (read-script-noformat script-name) args))
 
+;;(defn serialise [object]
+;; (binding [*print-dup* true] (with-out-str (prn object))))
+ 
 (defn serialise [object]
- (binding [*print-dup* true] (with-out-str (prn object))))
-
-(defn deserialise [string] (read-string string))
+ (-> 
+  object 
+  prn-str 
+  (clojure.string/replace " {" "\n{") 
+  (clojure.string/replace ", " ",\n")))
+
+  
+  
+;;(defn deserialise [string] (read-string string))
+(defn deserialise [string]
+ (let [fixed-string
+  (if 
+   (re-matches #".*clojure\.lang\.PersistentArrayMap/create(?:.*\n*)*" string)
+   ;; old format
+   (nth (re-find #_"(" #"clojure.lang.PersistentArrayMap/create (.*?)\)" string) 1)
+   ;; normal format
+   string
+   )]
+  (clojure.edn/read-string fixed-string)))
 
 (defn ssh-execute-output [session command input-str output]
  (info "ssh-execute-output")