mnaberez · January 31, 2013 20:12
diff --git a/patch_psych_whitelist.rb b/patch_psych_whitelist.rb
 # Patch Psych to only resolve classes required for RubyGems.  Whitelist
 # from: https://github.com/rubygems/rubygems.org/pull/516/files#L2R15

 require "yaml"

 unless defined?(Psych) && Psych == YAML
  abort "Psych is not the YAML parser so unable to patch"
 end

 module Psych
  class ForbiddenClassException < Exception
  end

  module Visitors
    class ToRuby
      WHITELISTED_CLASSES = %w(
        Gem::Dependency
        Gem::Platform
        Gem::Requirement
        Gem::Specification
        Gem::Version
        Gem::Version::Requirement
      )

      private

      alias_method :unsafe_resolve_class, :resolve_class

      def resolve_class(name)
        if WHITELISTED_CLASSES.include?(name)
          unsafe_resolve_class(name)
        else
          raise ForbiddenClassException, name
        end
      end

    end # ToRuby
  end # Visitors
 end # Psych
	# Patch Psych to only resolve classes required for RubyGems. Whitelist
	# from: https://github.com/rubygems/rubygems.org/pull/516/files#L2R15

	require "yaml"

	unless defined?(Psych) && Psych == YAML
	abort "Psych is not the YAML parser so unable to patch"
	end

	module Psych
	class ForbiddenClassException < Exception
	end

	module Visitors
	class ToRuby
	WHITELISTED_CLASSES = %w(
	Gem::Dependency
	Gem::Platform
	Gem::Requirement
	Gem::Specification
	Gem::Version
	Gem::Version::Requirement
	)

	private

	alias_method :unsafe_resolve_class, :resolve_class

	def resolve_class(name)
	if WHITELISTED_CLASSES.include?(name)
	unsafe_resolve_class(name)
	else
	raise ForbiddenClassException, name
	end
	end

	end # ToRuby
	end # Visitors
	end # Psych
No results found