The cl-secure-read Reference Manual

This is the cl-secure-read Reference Manual, generated automatically by Declt version 2.3 "Robert April" on Tue Jan 09 14:01:25 2018 GMT+0.


1 Introduction

cl-secure-read

Secure the Lisp reader in the spirit of Let Over Lambda. See the section "Reader Security" on www.letoverlambda.com for the initial idea.

Example:

CL-USER> (ql:quickload 'cl-secure-read)
CL-USER> (in-package cl-secure-read)
;; Define a function DEFAULT-RFS, which is a restricted version of READ-FROM-STRING
CL-SECURE-READ> (define-secure-read-from-string default-rfs :fail-value "caboom!")
CL-SECURE-READ> (default-rfs "123") ; this will read in number 123, as expected ...
;; ... and this will hopefully just return "caboom!",
;; not executing the removal shell-command.
CL-SECURE-READ> (default-rfs "#.(shell-eval \"rm -rf ./\")")

Now exports 4 macros:

Here are some notable parameters to macro, which control the behavior of resulting restricted reader:

Here is a full-fledged example, using most of the described features:

;; use readtable :clesh, allow comments, special clesh bang-syntax, allow read-eval,
;; do not force standard-io-syntax, in case of failure return string "caboom!"
(let ((safe-read-from-string-whitelist '(#\; #\! (#\# #\.) :allow-read-eval :keep-io-syntax)))
  (define-secure-read-from-string not-so-strict-read-from-string :readtable :clesh :fail-value "caboom!"))

(not-so-strict-read-from-string "asdf") ; this will read-in symbol ASDF
(not-so-strict-read-from-string "#(1 2 3)") ; and this will return "caboom!"
;; Since we've requested not to force io-syntax, we may control read-eval dynamically.
;; This returns "caboom!", even though *READ-EVAL* was enabled in the definition.
(let (*read-eval*)
  (not-so-strict-read-from-string "#.(1 2 3)"))

Syntax of black/white-lists

Black/white list may contain:

If BLACKLIST is NIL, all the macro-characters and dispatching macro-characters of the readtable are disabled, unless they are explicitly enabled in the WHITELIST. To actually enable all the macro-characters in the readtable, use something like:

:BLACKLIST (:t)
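
The default-deny rule described above (an empty blacklist disables every macro character unless it is whitelisted), sketched in standard Common Lisp as an added example. This is not cl-secure-read's own code: MAKE-LOCKED-READTABLE, REJECT-MACRO-CHAR and LOCKED-READ-FROM-STRING are hypothetical names, and only the ASCII macro characters of the standard readtable are considered.

```lisp
;; Added illustration in standard Common Lisp. MAKE-LOCKED-READTABLE,
;; REJECT-MACRO-CHAR and LOCKED-READ-FROM-STRING are hypothetical names,
;; not part of cl-secure-read.

(defun reject-macro-char (stream char)
  "Reader macro function installed on every disabled macro character."
  (declare (ignore stream))
  (error "Macro character ~S is disabled in this readtable." char))

(defun make-locked-readtable (whitelist)
  "Return a copy of the standard readtable in which every ASCII macro
character not listed in WHITELIST signals an error when encountered."
  (let ((rt (copy-readtable nil)))
    (dotimes (code 128 rt)
      (let ((char (code-char code)))
        (when (and char
                   (get-macro-character char rt)
                   (not (member char whitelist)))
          ;; Replacing #\# this way also removes all of its dispatch
          ;; sub-characters (#. #( #' ...) in one step.
          (set-macro-character char #'reject-macro-char nil rt))))))

(defun locked-read-from-string (string &key (whitelist '(#\( #\) #\"))
                                            (fail-value nil))
  "Read one form from STRING with only WHITELIST macro characters active.
Any reader error, including premature end of input, yields FAIL-VALUE."
  (if (not (stringp string))
      fail-value
      (handler-case
          (with-standard-io-syntax
            (let ((*readtable* (make-locked-readtable whitelist))
                  (*read-eval* nil)) ; belt and braces: #. stays off
              (values (read-from-string string))))
        (error () fail-value))))

;; Constructed sample inputs.
(locked-read-from-string "(1 \"two\" three)")
(locked-read-from-string "#.(+ 1 2)" :fail-value :rejected)
(locked-read-from-string "'(quoted)" :fail-value :rejected)
(locked-read-from-string "(a ; comment" :fail-value :rejected
                         :whitelist '(#\( #\) #\" #\;))
```

The first call returns a three-element list; the other three return :REJECTED, the last because the whitelisted comment swallows the closing parenthesis and the read hits end of input. A successful read still interns symbols such as THREE in CL-USER, which a locked readtable alone does not prevent.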

2 Systems

The main system appears first, followed by any subsystem dependency.


2.1 cl-secure-read

Author

Alexander Popolitov <popolit@gmail.com>

License

GPLv3

Description

Secure lisp reader in spirit of Let over Lambda

Dependencies
Source

cl-secure-read.asd (file)

Components

3 Files

Files are sorted by type and then listed depth-first from the systems components trees.


3.1 Lisp


3.1.1 cl-secure-read.asd

Location

cl-secure-read.asd

Systems

cl-secure-read (system)


3.1.2 cl-secure-read/package.lisp

Parent

cl-secure-read (system)

Location

package.lisp

Packages

cl-secure-read


3.1.3 cl-secure-read/cl-secure-read.lisp

Dependency

package.lisp (file)

Parent

cl-secure-read (system)

Location

cl-secure-read.lisp

Exported Definitions
Internal Definitions

4 Packages

Packages are listed by definition order.


4.1 cl-secure-read

Source

package.lisp (file)

Use List
Exported Definitions
Internal Definitions

5 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.


5.1 Exported definitions


5.1.1 Special variables

Special Variable: safe-read-from-string-blacklist

Macro characters to disable in a readtable. If NIL, disable all macro characters in the readtable.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Special Variable: safe-read-from-string-whitelist

Macro characters and features to enable in a readtable.
If NIL, nothing is enabled. Defaults to enabling construction of arbitrary conses and strings.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)


5.1.2 Macros

Macro: define-secure-read SAFE-NAME &key READTABLE BLACKLIST WHITELIST PRESERVING-WHITESPACE FAIL-VALUE
Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Macro: define-secure-read-from-string SAFE-NAME &key READTABLE BLACKLIST WHITELIST FAIL-VALUE
Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Macro: secure-read-from-string-lambda SAFE-NAME &key READTABLE BLACKLIST WHITELIST FAIL-VALUE

Define a safer version of READ-FROM-STRING.
READTABLE is the name of a readtable on which the 'locked' version of the readtable is based. BLACKLIST is a list of macro-characters and dispatching macro-characters not to allow. WHITELIST is a list of macro-characters and dispatching macro-characters to allow.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Macro: secure-read-lambda SAFE-NAME &key READTABLE BLACKLIST WHITELIST PRESERVING-WHITESPACE FAIL-VALUE
Package

cl-secure-read

Source

cl-secure-read.lisp (file)


5.2 Internal definitions


5.2.1 Macros

Macro: with-locked-readtable (NAME READTABLE BLACKLIST WHITELIST) &body BODY

Parse black and whitelists, lock the readtable, then pass control to the body.
Binds RT to the tightened readtable, and BLACKLIST and WHITELIST to the parsed blacklist and whitelist, respectively. NAME is the function name used in the error report.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)


5.2.2 Functions

Function: analyze-readtable-chars &optional READTABLE

Figure out which characters in the readtable are macro characters and which are dispatching macro characters.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Function: expand-white-black-list LST

Expand keyword abbreviations, found in a whitelist.

Package

cl-secure-read

Source

cl-secure-read.lisp (file)

Function: hash->assoc HASH
Package

cl-secure-read

Source

cl-secure-read.lisp (file)


Appendix A Indexes


A.1 Concepts

Index Entry  Section

C
cl-secure-read.asd: The cl-secure-read.asd file
cl-secure-read/cl-secure-read.lisp: The cl-secure-read/cl-secure-read.lisp file
cl-secure-read/package.lisp: The cl-secure-read/package.lisp file

F
File, Lisp, cl-secure-read.asd: The cl-secure-read.asd file
File, Lisp, cl-secure-read/cl-secure-read.lisp: The cl-secure-read/cl-secure-read.lisp file
File, Lisp, cl-secure-read/package.lisp: The cl-secure-read/package.lisp file

L
Lisp File, cl-secure-read.asd: The cl-secure-read.asd file
Lisp File, cl-secure-read/cl-secure-read.lisp: The cl-secure-read/cl-secure-read.lisp file
Lisp File, cl-secure-read/package.lisp: The cl-secure-read/package.lisp file

A.2 Functions

Index Entry  Section

A
analyze-readtable-chars: Internal functions

D
define-secure-read: Exported macros
define-secure-read-from-string: Exported macros

E
expand-white-black-list: Internal functions

F
Function, analyze-readtable-chars: Internal functions
Function, expand-white-black-list: Internal functions
Function, hash->assoc: Internal functions

H
hash->assoc: Internal functions

M
Macro, define-secure-read: Exported macros
Macro, define-secure-read-from-string: Exported macros
Macro, secure-read-from-string-lambda: Exported macros
Macro, secure-read-lambda: Exported macros
Macro, with-locked-readtable: Internal macros

S
secure-read-from-string-lambda: Exported macros
secure-read-lambda: Exported macros

W
with-locked-readtable: Internal macros

A.3 Variables

Index Entry  Section

S
safe-read-from-string-blacklist: Exported special variables
safe-read-from-string-whitelist: Exported special variables
Special Variable, safe-read-from-string-blacklist: Exported special variables
Special Variable, safe-read-from-string-whitelist: Exported special variables

A.4 Data types

Index Entry  Section

C
cl-secure-read: The cl-secure-read system
cl-secure-read: The cl-secure-read package

P
Package, cl-secure-read: The cl-secure-read package

S
System, cl-secure-read: The cl-secure-read system
