IRIX Base Documentation 2001 May

home *** CD-ROM | disk | FTP | other *** search

/ IRIX Base Documentation 2001 May / SGI IRIX Base Documentation 2001 May.iso / usr / share / catman / p_man / cat3 / perl5 / Opcode.z / Opcode

Wrap

Text File | 1998-10-30 | 19.2 KB | 661 lines

OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) NNNNAAAAMMMMEEEE Opcode - Disable named opcodes when compiling perl code SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS use Opcode; DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN Perl code is always compiled into an internal format before execution. Evaluating perl code (e.g. via "eval" or "do 'file'") causes the code to be compiled into an internal format and then, provided there was no error in the compilation, executed. The internal format is based on many distinct _o_p_c_o_d_e_s. By default no opmask is in effect and any code can be compiled. The Opcode module allow you to define an _o_p_e_r_a_t_o_r _m_a_s_k to be in effect when perl _n_e_x_t compiles any code. Attempting to compile code which contains a masked opcode will cause the compilation to fail with an error. The code will not be executed. NNNNOOOOTTTTEEEE The Opcode module is not usually used directly. See the ops pragma and Safe modules for more typical uses. WWWWAAAARRRRNNNNIIIINNNNGGGG The authors make nnnnoooo wwwwaaaarrrrrrrraaaannnnttttyyyy, implied or otherwise, about the suitability of this software for safety or security purposes. The authors shall not in any case be liable for special, incidental, consequential, indirect or other similar damages arising from the use of this software. Your mileage will vary. If in any doubt ddddoooo nnnnooootttt uuuusssseeee iiiitttt. OOOOppppeeeerrrraaaattttoooorrrr NNNNaaaammmmeeeessss aaaannnndddd OOOOppppeeeerrrraaaattttoooorrrr LLLLiiiissssttttssss The canonical list of operator names is the contents of the array op_name defined and initialised in file _o_p_c_o_d_e._h of the Perl source distribution (and installed into the perl library). Each operator has both a terse name (its opname) and a more verbose or recognisable descriptive name. The opdesc function can be used to return a list of descriptions for a list of operators. Many of the functions and methods listed below take a list of operators as parameters. Most operator lists can be made up of several types of element. Each element can be one of an operator name (opname) Operator names are typically small lowercase words like enterloop, leaveloop, last, next, redo etc. Sometimes they are PPPPaaaaggggeeee 1111 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) rather cryptic like gv2cv, i_ncmp and ftsvtx. an operator tag name (optag) Operator tags can be used to refer to groups (or sets) of operators. Tag names always being with a colon. The Opcode module defines several optags and the user can define others using the define_optag function. a negated opname or optag An opname or optag can be prefixed with an exclamation mark, e.g., !mkdir. Negating an opname or optag means remove the corresponding ops from the accumulated set of ops at that point. an operator set (opset) An _o_p_s_e_t as a binary string of approximately 43 bytes which holds a set or zero or more operators. The opset and opset_to_ops functions can be used to convert from a list of operators to an opset and _v_i_c_e _v_e_r_s_a. Wherever a list of operators can be given you can use one or more opsets. See also Manipulating Opsets below. OOOOppppccccooooddddeeee FFFFuuuunnnnccccttttiiiioooonnnnssss The Opcode package contains functions for manipulating operator names tags and sets. All are available for export by the package. opcodes In a scalar context opcodes returns the number of opcodes in this version of perl (around 340 for perl5.002). In a list context it returns a list of all the operator names. (Not yet implemented, use @names = _o_p_s_e_t__t_o__o_p_s(full_opset).) opset (OP, ...) Returns an opset containing the listed operators. opset_to_ops (OPSET) Returns a list of operator names corresponding to those operators in the set. opset_to_hex (OPSET) Returns a string representation of an opset. Can be handy for debugging. full_opset Returns an opset which includes all operators. empty_opset Returns an opset which contains no operators. PPPPaaaaggggeeee 2222 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) invert_opset (OPSET) Returns an opset which is the inverse set of the one supplied. verify_opset (OPSET, ...) Returns true if the supplied opset looks like a valid opset (is the right length etc) otherwise it returns false. If an optional second parameter is true then verify_opset will croak on an invalid opset instead of returning false. Most of the other Opcode functions call verify_opset automatically and will croak if given an invalid opset. define_optag (OPTAG, OPSET) Define OPTAG as a symbolic name for OPSET. Optag names always start with a colon :. The optag name used must not be defined already (define_optag will croak if it is already defined). Optag names are global to the perl process and optag definitions cannot be altered or deleted once defined. It is strongly recommended that applications using Opcode should use a leading capital letter on their tag names since lowercase names are reserved for use by the Opcode module. If using Opcode within a module you should prefix your tags names with the name of your module to ensure uniqueness and thus avoid clashes with other modules. opmask_add (OPSET) Adds the supplied opset to the current opmask. Note that there is currently _n_o mechanism for unmasking ops once they have been masked. This is intentional. opmask Returns an opset corresponding to the current opmask. opdesc (OP, ...) This takes a list of operator names and returns the corresponding list of operator descriptions. opdump (PAT) Dumps to STDOUT a two column list of op names and op descriptions. If an optional pattern is given then only lines which match the (case insensitive) pattern will be output. It's designed to be used as a handy command line utility: perl -MOpcode=opdump -e opdump perl -MOpcode=opdump -e 'opdump Eval' PPPPaaaaggggeeee 3333 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) MMMMaaaannnniiiippppuuuullllaaaattttiiiinnnngggg OOOOppppsssseeeettttssss Opsets may be manipulated using the perl bit vector operators & (and), | (or), ^ (xor) and ~ (negate/invert). However you should never rely on the numerical position of any opcode within the opset. In other words both sides of a bit vector operator should be opsets returned from Opcode functions. Also, since the number of opcodes in your current version of perl might not be an exact multiple of eight, there may be unused bits in the last byte of an upset. This should not cause any problems (Opcode functions ignore those extra bits) but it does mean that using the ~ operator will typically not produce the same 'physical' opset 'string' as the invert_opset function. TTTTOOOO DDDDOOOO ((((mmmmaaaayyyybbbbeeee)))) $bool = opset_eq($opset1, $opset2) true if opsets are logically eqiv $yes = opset_can($opset, @ops) true if $opset has all @ops set @diff = opset_diff($opset1, $opset2) => ('foo', '!bar', ...) PPPPrrrreeeeddddeeeeffffiiiinnnneeeedddd OOOOppppccccooooddddeeee TTTTaaaaggggssss :base_core null stub scalar pushmark wantarray const defined undef rv2sv sassign rv2av aassign aelem aelemfast aslice av2arylen rv2hv helem hslice each values keys exists delete preinc i_preinc predec i_predec postinc i_postinc postdec i_postdec int hex oct abs pow multiply i_multiply divide i_divide modulo i_modulo add i_add subtract i_subtract left_shift right_shift bit_and bit_xor bit_or negate i_negate not complement lt i_lt gt i_gt le i_le ge i_ge eq i_eq ne i_ne ncmp i_ncmp slt sgt sle sge seq sne scmp substr vec stringify study pos length index rindex ord chr ucfirst lcfirst uc lc quotemeta trans chop schop chomp schomp match split list lslice splice push pop shift unshift reverse PPPPaaaaggggeeee 4444 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) cond_expr flip flop andassign orassign and or xor warn die lineseq nextstate unstack scope enter leave rv2cv anoncode prototype entersub leavesub return method -- XXX loops via recursion? leaveeval -- needed for Safe to operate, is safe without entereval :base_mem These memory related ops are not included in :base_core because they can easily be used to implement a resource attack (e.g., consume all available memory). concat repeat join range anonlist anonhash Note that despite the existance of this optag a memory resource attack may still be possible using only :base_core ops. Disabling these ops is a _v_e_r_y heavy handed way to attempt to prevent a memory resource attack. It's probable that a specific memory limit mechanism will be added to perl in the near future. :base_loop These loop ops are not included in :base_core because they can easily be used to implement a resource attack (e.g., consume all available CPU time). grepstart grepwhile mapstart mapwhile enteriter iter enterloop leaveloop last next redo goto :base_io These ops enable _f_i_l_e_h_a_n_d_l_e (rather than filename) based input and output. These are safe on the assumption that only pre-existing filehandles are available for use. To create new filehandles other ops such as open would need to be enabled. readline rcatline getc read formline enterwrite leavewrite print sysread syswrite send recv PPPPaaaaggggeeee 5555 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) eof tell seek sysseek readdir telldir seekdir rewinddir :base_orig These are a hotchpotch of opcodes still waiting to be considered gvsv gv gelem padsv padav padhv padany rv2gv refgen srefgen ref bless -- could be used to change ownership of objects (reblessing) pushre regcmaybe regcomp subst substcont sprintf prtf -- can core dump crypt tie untie dbmopen dbmclose sselect select pipe_op sockpair getppid getpgrp setpgrp getpriority setpriority localtime gmtime entertry leavetry -- can be used to 'hide' fatal errors :base_math These ops are not included in :base_core because of the risk of them being used to generate floating point exceptions (which would have to be caught using a $SIG{FPE} handler). atan2 sin cos exp log sqrt These ops are not included in :base_core because they have an effect beyond the scope of the compartment. rand srand :default A handy tag name for a _r_e_a_s_o_n_a_b_l_e default set of ops. (The current ops allowed are unstable while development continues. It will change.) :base_core :base_mem :base_loop :base_io :base_orig PPPPaaaaggggeeee 6666 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) If safety matters to you (and why else would you be using the Opcode module?) then you should not rely on the definition of this, or indeed any other, optag! :filesys_read stat lstat readlink ftatime ftblk ftchr ftctime ftdir fteexec fteowned fteread ftewrite ftfile ftis ftlink ftmtime ftpipe ftrexec ftrowned ftrread ftsgid ftsize ftsock ftsuid fttty ftzero ftrwrite ftsvtx fttext ftbinary fileno :sys_db ghbyname ghbyaddr ghostent shostent ehostent -- hosts gnbyname gnbyaddr gnetent snetent enetent -- networks gpbyname gpbynumber gprotoent sprotoent eprotoent -- protocols gsbyname gsbyport gservent sservent eservent -- services gpwnam gpwuid gpwent spwent epwent getlogin -- users ggrnam ggrgid ggrent sgrent egrent -- groups :browse A handy tag name for a _r_e_a_s_o_n_a_b_l_e default set of ops beyond the :default optag. Like :default (and indeed all the other optags) its current definition is unstable while development continues. It will change. The :browse tag represents the next step beyond :default. It it a superset of the :default ops and adds :filesys_read the :sys_db. The intent being that scripts can access more (possibly sensitive) information about your system but not be able to change it. :default :filesys_read :sys_db :filesys_open sysopen open close umask binmode open_dir closedir -- other dir ops are in :base_io PPPPaaaaggggeeee 7777 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) :filesys_write link unlink rename symlink truncate mkdir rmdir utime chmod chown fcntl -- not strictly filesys related, but possibly as dangerous? :subprocess backtick system fork wait waitpid glob -- access to Cshell via <`rm *`> :ownprocess exec exit kill time tms -- could be used for timing attacks (paranoid?) :others This tag holds groups of assorted specialist opcodes that don't warrant having optags defined for them. SystemV Interprocess Communications: msgctl msgget msgrcv msgsnd semctl semget semop shmctl shmget shmread shmwrite :still_to_be_decided chdir flock ioctl socket getpeername ssockopt bind connect listen accept shutdown gsockopt getsockname PPPPaaaaggggeeee 8888 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) sleep alarm -- changes global timer state and signal handling sort -- assorted problems including core dumps tied -- can be used to access object implementing a tie pack unpack -- can be used to create/use memory pointers entereval -- can be used to hide code from initial compile require dofile caller -- get info about calling environment and args reset dbstate -- perl -d version of nextstate(ment) opcode :dangerous This tag is simply a bucket for opcodes that are unlikely to be used via a tag name but need to be tagged for completness and documentation. syscall dump chroot SSSSEEEEEEEE AAAALLLLSSSSOOOO _o_p_s(3) -- perl pragma interface to Opcode module. _S_a_f_e(3) -- Opcode and namespace limited execution compartments AAAAUUUUTTTTHHHHOOOORRRRSSSS Originally designed and implemented by Malcolm Beattie, mbeattie@sable.ox.ac.uk as part of Safe version 1. Split out from Safe module version 1, named opcode tags and other changes added by Tim Bunce <_T_i_m._B_u_n_c_e@_i_g._c_o._u_k>. PPPPaaaaggggeeee 9999 OOOOppppccccooooddddeeee((((3333)))) OOOOppppccccooooddddeeee((((3333)))) PPPPaaaaggggeeee 11110000