/// <summary>
        /// Construct a new allowlist entry that will match based on tool and path.
        /// </summary>
        /// <param name="executablePath">The exact full path to the tool that does the bad access.</param>
        /// <param name="pathRegex">The ECMAScript regex pattern that will be used as the basis for the match.</param>
        /// <param name="allowsCaching">
        /// Whether this allowlist rule should be interpreted to allow caching of a pip that matches
        /// it.
        /// </param>
        /// <param name="name">Name of the allowlist entry. Defaults to 'Unnamed' if null/empty.</param>
        public ExecutablePathAllowlistEntry(AbsolutePath executablePath, SerializableRegex pathRegex, bool allowsCaching, string name)
            : base(pathRegex, allowsCaching, name)
        {
            Contract.Requires(executablePath.IsValid);
            Contract.Requires(pathRegex != null);

            m_executablePath = executablePath;
        }
Exemple #2
0
        /// <summary>
        /// Protected constructor
        /// </summary>
        protected FileAccessWhitelistEntry([NotNull] SerializableRegex pathRegex, bool allowsCaching, string name)
        {
            Contract.Requires(pathRegex != null);

            PathRegex     = pathRegex;
            AllowsCaching = allowsCaching;
            Name          = string.IsNullOrEmpty(name) ? "Unnamed" : name;
        }
Exemple #3
0
        /// <summary>
        /// Construct a new allowlist entry.
        /// </summary>
        /// <param name="outputValue">BuildXL value name associated with this entry.  This will be *exactly* matched.</param>
        /// <param name="pathRegex">The ECMAScript regex pattern that will be used as the basis for the match.</param>
        /// <param name="allowsCaching">
        /// Whether this allowlist rule should be interpreted to allow caching of a pip that matches
        /// it.
        /// </param>
        /// <param name="name">Name of the allowlist entry. Defaults to 'Unnamed' if null/empty.</param>
        public ValuePathFileAccessAllowlistEntry(FullSymbol outputValue, SerializableRegex pathRegex, bool allowsCaching, string name)
            : base(pathRegex, allowsCaching, name)
        {
            Contract.Requires(outputValue.IsValid);
            Contract.Requires(pathRegex != null);

            m_outputValue = outputValue;
        }
Exemple #4
0
        /// <summary>
        /// Reads the serialization state
        /// </summary>
        protected static SerializationState ReadState(BinaryReader reader)
        {
            SerializationState state = default(SerializationState);

            state.AllowsCaching = reader.ReadBoolean();
            state.PathRegex     = SerializableRegex.Read(reader);
            state.Name          = reader.ReadString();

            return(state);
        }
        /// <summary>
        /// Make a regex to match the given string path fragment.
        /// </summary>
        public static bool TryCreateWhitelistRegex(string pattern, out SerializableRegex whitelistRegex, out string error)
        {
            Contract.Requires(!string.IsNullOrEmpty(pattern), "Regex pattern must not be null or empty.");

            whitelistRegex = null;
            error          = null;

            try
            {
                whitelistRegex = RegexWithProperties(pattern);
            }
            catch (ArgumentException e)
            {
                error = e.Message;
                return(false);
            }

            return(true);
        }
 /// <summary>
 /// Construct a new allowlist entry that will match based on tool and full path
 /// </summary>
 /// <param name="executableName">The executable name of the tool that does the bad access.</param>
 /// <param name="pathRegex">The ECMAScript regex pattern that will be used as the basis for the match.</param>
 /// <param name="allowsCaching">
 /// Whether this allowlist rule should be interpreted to allow caching of a pip that matches
 /// it.
 /// </param>
 /// <param name="name">Name of the allowlist entry. Defaults to 'Unnamed' if null/empty.</param>
 public ExecutablePathAllowlistEntry(PathAtom executableName, SerializableRegex pathRegex, bool allowsCaching, string name)
     : this(new DiscriminatingUnion <AbsolutePath, PathAtom>(executableName), pathRegex, allowsCaching, name)
 {
     Contract.Requires(executableName.IsValid);
 }
        /// <summary>
        /// Construct a new allowlist entry that will match based on tool and path.
        /// </summary>
        /// <param name="executable">The exact full path or the executable name to the tool that does the bad access.</param>
        /// <param name="pathRegex">The ECMAScript regex pattern that will be used as the basis for the match.</param>
        /// <param name="allowsCaching">
        /// Whether this allowlist rule should be interpreted to allow caching of a pip that matches
        /// it.
        /// </param>
        /// <param name="name">Name of the allowlist entry. Defaults to 'Unnamed' if null/empty.</param>
        public ExecutablePathAllowlistEntry(DiscriminatingUnion <AbsolutePath, PathAtom> executable, SerializableRegex pathRegex, bool allowsCaching, string name)
            : base(pathRegex, allowsCaching, name)
        {
            Contract.RequiresNotNull(executable);
            Contract.Requires(pathRegex != null);

            Executable = executable;
        }