1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
#!/usr/bin/env python3
# Usage:
# _from=krebs state_dir=. python sed-plugin.py 'dick butt'
# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g'
## dick bull
import shelve
from os import environ
from os.path import join
from sys import argv
d = shelve.open(join(environ['state_dir'],'sed-plugin.shelve'),writeback=True)
usr = environ['_from']
import re
def is_regex(line):
myre = re.compile(r'^s/((?:\\/|[^/])+)/((?:\\/|[^/])*)/([ig]*)$')
return myre.match(line)
line = argv[1]
m = is_regex(line)
if m:
f,t,flagstr = m.groups()
fn = f.replace('\/','/')
tn = t.replace('\/','/')
flags = 0
count = 1
if flagstr:
if 'i' in flagstr:
flags = re.IGNORECASE
if 'g' in flagstr:
count = 0
else:
flagstr = ''
last = d.get(usr,None)
if last:
from subprocess import Popen,PIPE
import shutil
from os.path import realpath
# sed only needs stdin/stdout, we protect state_dir with this
# input to read/write arbitrary files:
# s/.\/\/; w /tmp/i (props to waldi)
# conclusion: sed is untrusted and we handle it like this
p = Popen(['proot',
# '-v','1',
'-w','/', # cwd is root
'-b','/nix/store', # mount important folders
'-b','/usr',
'-b','/bin',
'-r','/var/empty', # chroot to /var/empty
realpath(shutil.which('sed')),
's/{}/{}/{}'.format(f,t,flagstr)],stdin=PIPE,stdout=PIPE )
so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
if p.returncode:
print("something went wrong when trying to process your regex: {}".format(se.decode()))
ret = so.decode()
print("\x1b[1m{}\x1b[0m meinte: {}".format(usr,ret.strip()))
if ret:
d[usr] = ret
else:
print("no last message")
else:
d[usr] = line
d.close()
|
