Skip to content

Commit

Permalink
Add vips_block_untrusted_set and vips_operation_block_set methods
Browse files Browse the repository at this point in the history
  • Loading branch information
aglushkov committed Dec 20, 2023
1 parent dde924b commit e66b614
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 4 deletions.
5 changes: 5 additions & 0 deletions lib/vips/operation.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,11 @@
require "set"

module Vips
if at_least_libvips?(8, 13)
attach_function :vips_block_untrusted_set, [:bool], :void
attach_function :vips_operation_block_set, %i[string bool], :void
end

private

attach_function :vips_operation_new, [:string], :pointer
Expand Down
34 changes: 34 additions & 0 deletions spec/block_operations_spec.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
require "spec_helper"

RSpec.describe Vips, version: [8, 13] do
let(:svg_image) { simg("lion.svg") }
let(:jpg_image) { simg("wagon.jpg") }

if has_svg?
it "can block untrusted operations", svg: true do
untrusted_image = svg_image # svgload operation is known as untrusted

# Block
Vips.vips_block_untrusted_set(true)
expect { Vips::Image.new_from_file(untrusted_image) }.to raise_error Vips::Error, /svgload/

# Unblock
Vips.vips_block_untrusted_set(false)
expect { Vips::Image.new_from_file(untrusted_image) }.not_to raise_error
end
end

if has_jpeg? && has_svg?
it "can block specific operations" do
# Block all loaders except jpeg
Vips.vips_operation_block_set("VipsForeignLoad", true)
Vips.vips_operation_block_set("VipsForeignLoadJpeg", false)
expect { Vips::Image.new_from_file(svg_image) }.to raise_error Vips::Error, /svgload/
expect { Vips::Image.new_from_file(jpg_image) }.not_to raise_error

# Unblock all loaders
Vips.vips_operation_block_set("VipsForeignLoad", false)
expect { Vips::Image.new_from_file(svg_image) }.not_to raise_error
end
end
end
4 changes: 0 additions & 4 deletions spec/image_spec.rb
Original file line number Diff line number Diff line change
@@ -1,9 +1,5 @@
require "spec_helper"

def has_jpeg?
Vips.type_find("VipsOperation", "jpegload") != nil
end

RSpec.describe Vips::Image do
it "can save an image to a file" do
filename = timg "x.v"
Expand Down
8 changes: 8 additions & 0 deletions spec/spec_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,14 @@ def timg(name)
File.join(@temp_dir, name)
end

def has_jpeg?
Vips.type_find("VipsOperation", "jpegload") != nil
end

def has_svg?
Vips.type_find("VipsOperation", "svgload") != nil
end

RSpec.configure do |config|
config.around do |example|
Dir.mktmpdir("ruby-vips-spec-") do |dir|
Expand Down

0 comments on commit e66b614

Please sign in to comment.