executors: modify shell_executor to work with new handlers

Riolku · Xyene · commit 485f2640ff10 · 2022-02-27T15:32:11.000-05:00
This seems to be the only extra handler.
diff --git a/dmoj/executors/shell_executor.py b/dmoj/executors/shell_executor.py
@@ -1,7 +1,7 @@
 import os
 import shutil
-import sys
 
+from dmoj.cptbox.isolate import DeniedSyscall, protection_fault
 from dmoj.executors.script_executor import ScriptExecutor
 
 
@@ -27,12 +27,11 @@ def get_security(self, launch_kwargs=None):
         sec = super().get_security(launch_kwargs)
         allowed = set(self.get_allowed_exec())
 
-        def handle_execve(debugger):
-            path = sec.get_full_path(debugger, debugger.readstr(debugger.uarg0))
-            if path in allowed:
-                return True
-            print('Not allowed to use command:', path, file=sys.stderr)
-            return False
+        def handle_execve(debugger) -> None:
+            path = sec.get_full_path_unnormalized(debugger, debugger.readstr(debugger.uarg0))
+            path = '/' + os.path.normpath(path).lstrip('/')
+            if path not in allowed:
+                raise DeniedSyscall(protection_fault, f'Not allowed to use command: {path}')
 
         sec[sys_execve] = handle_execve
         sec[sys_eaccess] = sec[sys_access]
