vim/YouCompleteMe
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ask before loading .ycm_extra_conf.py files

Browse Source 
To prevent the execution of malicious code the new default is
to ask the user before a `.ycm_extra_conf.py` file is loaded.
This can be disabled using the option `g:ycm_confirm_extra_conf`.

This commit introduces a helper class `FlagsModules` that keeps track of
and caches the currently loaded modules. To introduce further criteria
for a module look at `FlagsModules.ShouldLoad`.

Also `:YcmDebugInfo` now lists the file that was used to determine
the current set of flags.

`Flags.ModuleForFile` could be used in a user-facing command that
opens the `.ycm_extra_conf.py` corresponding to the current file.
A second command could then force a reloding of this module via
`Flags.ReloadModule`.
This commit is contained in:
Johann Klähn 2013-02-25 10:58:04 +01:00
parent 4b3e0a1895
commit e9cce29761
4 changed files with 122 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -316,6 +316,10 @@ method in that module which should provide it with the information necessary to
compile the current file. (You can also provide a path to a global compile the current file. (You can also provide a path to a global
`.ycm_extra_conf.py` file, which will be used as a fallback. See the Options `.ycm_extra_conf.py` file, which will be used as a fallback. See the Options
section for more details.) section for more details.)
To prevent the execution of malicious code from a file you didn't write
YCM will ask once per module if it is safe to be loaded.
(This can be disabled. See the Options section.)
This system was designed this way so that the user can perform any arbitrary This system was designed this way so that the user can perform any arbitrary
sequence of operations to produce a list of compilation flags YCM should hand sequence of operations to produce a list of compilation flags YCM should hand
@ -651,6 +655,16 @@ Default: `''`
let g:ycm_global_ycm_extra_conf = '' let g:ycm_global_ycm_extra_conf = ''
### The `g:ycm_confirm_extra_conf` option
When this option is set to `1` YCM will ask once per '.ycm_extra_conf.py' file
if it is safe to be loaded. This is to prevent execution of malicious code
from a '.ycm_extra_conf.py' file you didn't write.
Default: `1`
let g:ycm_confirm_extra_conf = 1
### The `g:ycm_semantic_triggers` option ### The `g:ycm_semantic_triggers` option
This option controls the character-based triggers for the various semantic This option controls the character-based triggers for the various semantic

3
plugin/youcompleteme.vim
View File

@ -103,6 +103,9 @@ let g:ycm_key_detailed_diagnostics =
let g:ycm_global_ycm_extra_conf = let g:ycm_global_ycm_extra_conf =
\ get( g:, 'ycm_global_ycm_extra_conf', '' ) \ get( g:, 'ycm_global_ycm_extra_conf', '' )
let g:ycm_confirm_extra_conf =
\ get( g:, 'ycm_confirm_extra_conf', 1 )
let g:ycm_semantic_triggers = let g:ycm_semantic_triggers =
\ get( g:, 'ycm_semantic_triggers', { \ get( g:, 'ycm_semantic_triggers', {
\ 'c' : ['->', '.'], \ 'c' : ['->', '.'],

3
python/completers/cpp/clang_completer.py
View File

@ -206,7 +206,8 @@ class ClangCompleter( Completer ):
def DebugInfo( self ): def DebugInfo( self ):
filename = vim.current.buffer.name filename = vim.current.buffer.name
flags = self.flags.FlagsForFile( filename ) or [] flags = self.flags.FlagsForFile( filename ) or []
return 'Flags for {0}:\n{1}'.format( filename, list( flags ) ) source = self.flags.ModuleForFile( filename )
return 'Flags for {0} loaded from {1}:\n{2}'.format( filename, source, list( flags ) )
# TODO: make these functions module-local # TODO: make these functions module-local

148
python/completers/cpp/flags.py
View File

@ -29,32 +29,49 @@ YCM_EXTRA_CONF_FILENAME = '.ycm_extra_conf.py'
NO_EXTRA_CONF_FILENAME_MESSAGE = ('No {0} file detected, so no compile flags ' NO_EXTRA_CONF_FILENAME_MESSAGE = ('No {0} file detected, so no compile flags '
'are available. Thus no semantic support for C/C++/ObjC/ObjC++. See the ' 'are available. Thus no semantic support for C/C++/ObjC/ObjC++. See the '
'docs for details.').format( YCM_EXTRA_CONF_FILENAME ) 'docs for details.').format( YCM_EXTRA_CONF_FILENAME )
CONFIRM_CONF_FILE_MESSAGE = 'Found {0}. Load?'
GLOBAL_YCM_EXTRA_CONF_FILE = os.path.expanduser( GLOBAL_YCM_EXTRA_CONF_FILE = os.path.expanduser(
vimsupport.GetVariableValue( "g:ycm_global_ycm_extra_conf" ) vimsupport.GetVariableValue( "g:ycm_global_ycm_extra_conf" )
) )
class Flags( object ): class Flags( object ):
"""Keeps track of the flags necessary to compile a file.
The flags are loaded from user-created python files
(hereafter referred to as 'modules') that contain
a method FlagsForFile( filename )."""
def __init__( self ): def __init__( self ):
# It's caches all the way down... # It's caches all the way down...
self.flags_for_file = {} self.flags_for_file = {}
self.flags_module_for_file = {} self.module_for_file = {}
self.flags_module_for_flags_module_file = {} self.modules = FlagsModules()
self.special_clang_flags = _SpecialClangIncludes() self.special_clang_flags = _SpecialClangIncludes()
self.no_extra_conf_file_warning_posted = False self.no_extra_conf_file_warning_posted = False
def ModuleForFile( self, filename ):
"""This will try all files returned by _FlagsModuleSourceFilesForFile in
order and return the filename of the first module that was allowed to load.
If no module was found or allowed to load, None is returned."""
if not self.module_for_file.has_key( filename ):
for flags_module_file in _FlagsModuleSourceFilesForFile( filename ):
if self.modules.Load( flags_module_file ):
self.module_for_file[ filename ] = flags_module_file
break
return self.module_for_file.setdefault( filename )
def FlagsForFile( self, filename ): def FlagsForFile( self, filename ):
try: try:
return self.flags_for_file[ filename ] return self.flags_for_file[ filename ]
except KeyError: except KeyError:
flags_module = self._FlagsModuleForFile( filename ) module_file = self.ModuleForFile( filename )
if not flags_module: if not module_file:
if not self.no_extra_conf_file_warning_posted: if not self.no_extra_conf_file_warning_posted:
vimsupport.PostVimMessage( NO_EXTRA_CONF_FILENAME_MESSAGE ) vimsupport.PostVimMessage( NO_EXTRA_CONF_FILENAME_MESSAGE )
self.no_extra_conf_file_warning_posted = True self.no_extra_conf_file_warning_posted = True
return None return None
results = flags_module.FlagsForFile( filename ) results = self.modules[ module_file ].FlagsForFile( filename )
if not results.get( 'flags_ready', True ): if not results.get( 'flags_ready', True ):
return None return None
@ -66,58 +83,95 @@ class Flags( object ):
self.flags_for_file[ filename ] = sanitized_flags self.flags_for_file[ filename ] = sanitized_flags
return sanitized_flags return sanitized_flags
def ReloadModule( self, module_file ):
"""Reloads a module file cleaning the flags cache for all files
associated with that module. Returns False if reloading failed
(for example due to the model not being loaded in the first place)."""
module_file = os.path.abspath(module_file)
if self.modules.Reload( module_file ):
for filename, module in self.module_for_file.iteritems():
if module == module_file:
del self.flags_for_file[ filename ]
return True
return False
def _FlagsModuleForFile( self, filename ):
try:
return self.flags_module_for_file[ filename ]
except KeyError:
flags_module_file = _FlagsModuleSourceFileForFile( filename )
if not flags_module_file:
return None
try: class FlagsModules( object ):
flags_module = self.flags_module_for_flags_module_file[ """Keeps track of modules.
flags_module_file ] Modules are loaded on-demand and cached in self.modules for quick access."""
except KeyError: def __init__( self ):
self.modules = {}
def Disable( self, module_file ):
"""Disables the loading of a module for the current session."""
self.modules[ module_file ] = None
@staticmethod
def ShouldLoad( module_file ):
"""Checks if a module is safe to be loaded.
By default this will ask the user for confirmation."""
if module_file == GLOBAL_YCM_EXTRA_CONF_FILE:
return True
if ( vimsupport.GetBoolValue( 'g:ycm_confirm_extra_conf' ) and
not vimsupport.Confirm(
CONFIRM_CONF_FILE_MESSAGE.format( module_file ) ) ):
return False
return True
def Load( self, module_file, force = False ):
"""Load and return the module contained in a file.
Using force = True the module will be loaded regardless
of the criteria in ShouldLoad.
This will return None if the module was not allowed to be loaded."""
if not force:
if self.modules.has_key( module_file ):
return self.modules[ module_file ]
if not self.ShouldLoad( module_file ):
return self.Disable( module_file )
sys.path.insert( 0, _DirectoryOfThisScript() ) sys.path.insert( 0, _DirectoryOfThisScript() )
flags_module = imp.load_source( _RandomName(), flags_module_file ) module = imp.load_source( _RandomName(), module_file )
del sys.path[ 0 ] del sys.path[ 0 ]
self.flags_module_for_flags_module_file[ self.modules[ module_file ] = module
flags_module_file ] = flags_module return module
self.flags_module_for_file[ filename ] = flags_module def Reload( self, module_file ):
return flags_module """Reloads the given module. If it has not been loaded yet does nothing.
Note that the module will not be subject to the loading criteria again."""
if self.modules.get( module_file ):
return self.Load( module_file, force = True )
def __getitem__( self, key ):
return self.Load( key )
def _FlagsModuleSourceFilesForFile( filename ):
"""For a given filename, search all parent folders for YCM_EXTRA_CONF_FILENAME
files that will compute the flags necessary to compile the file.
If GLOBAL_YCM_EXTRA_CONF_FILE exists it is returned as a fallback."""
for folder in _PathsToAllParentFolders( filename ):
candidate = os.path.join( folder, YCM_EXTRA_CONF_FILENAME )
if os.path.exists( candidate ):
yield candidate
if ( GLOBAL_YCM_EXTRA_CONF_FILE
and os.path.exists( GLOBAL_YCM_EXTRA_CONF_FILE ) ):
yield GLOBAL_YCM_EXTRA_CONF_FILE
def _FlagsModuleSourceFileForFile( filename ):
"""For a given filename, finds its nearest YCM_EXTRA_CONF_FILENAME file that
will compute the flags necessary to compile the file. If no
YCM_EXTRA_CONF_FILENAME file could be found, try to use
GLOBAL_YCM_EXTRA_CONF_FILE instead. If that also fails, return None.
Uses the global ycm_extra_conf file if one is set."""
ycm_conf_file = None def _PathsToAllParentFolders( filename ):
parent_folder = os.path.dirname( filename ) """Build a list of all parent folders of a file.
old_parent_folder = '' The neares files will be returned first.
Example: _PathsToAllParentFolders( '/home/user/projects/test.c' )
while True: [ '/home/user/projects', '/home/user', '/home', '/' ]"""
current_file = os.path.join( parent_folder, YCM_EXTRA_CONF_FILENAME ) parent_folders = os.path.abspath(
if os.path.exists( current_file ): os.path.dirname( filename ) ).split( os.path.sep )
ycm_conf_file = current_file if not parent_folders[0]:
break parent_folders[0] = os.path.sep
parent_folders = [ os.path.join( *parent_folders[:i + 1] )
old_parent_folder = parent_folder for i in xrange( len( parent_folders ) ) ]
parent_folder = os.path.dirname( parent_folder ) return reversed( parent_folders )
if parent_folder is old_parent_folder:
break
if ( not ycm_conf_file and GLOBAL_YCM_EXTRA_CONF_FILE and
os.path.exists( GLOBAL_YCM_EXTRA_CONF_FILE ) ):
ycm_conf_file = GLOBAL_YCM_EXTRA_CONF_FILE
return ycm_conf_file
def _RandomName(): def _RandomName():