-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
YAML cache "bypasses" permitted_classes in some cases #434
Comments
Thanks for the report, I introduced this in #392 and the intent was:
Here you seem to always use the |
If you comment out the first |
Ok, I just dug a bit more, and I think the issue is that our |
…ad_file Fix: #434 Our strictness was based on the incorrect assumption that all extra types would use a tag, which is incorrect as `Time` and `Date` objects can be expressed in regular YAML syntax without the use of `!ruby/object`.
#435 should fix this. |
I made sure the issue is in bootsnap
Steps to reproduce
The YAML cache provided by Bootsnap loads some types that are permitted by MessagePack, but not by YAML by default.
YAML.load_file
usesYAML.load
under the covers which restricts the set of classes that can be loaded dynamically. E.g.,YAML.load
will loadSymbol
, but notDate
orTime
. MessagePack will loadDate
andTime
, but notDateTime
. While I experimented with a few different serialized objects, I'm not sure that the list of potentially affected classes is exhaustive.To illustrate the issue, I wrote a small script that attempts to a YAML document both before and after Bootsnap has been loaded. Since loading Bootsnap with the YAML cache will monkeypatch
YAML
, each example needs to be run in a new process to ensure everything starts in a clean state. I naively handled that in the script by making the user supply the class name (with minimal validation) or it'll default toDate
.You'd run it with one of the following:
The script:
Expected behavior
I'd expect
YAML.load_file
to be functionally the same before and after loading Bootsnap's YAML cache. I.e., I'd expect the cache is an optimization with no visible effects on behavior.Actual behavior
Loading the Bootsnap YAML cache on supported Ruby interpreters (where "supported" is defined by Bootsnap internals) will allow the loading of some classes that wouldn't be allowed if the YAML cache were not used:
In contrast, on a Ruby interpreter where the YAML compile cache is not supported, such as TruffleRuby, we see:
To load the code properly on an interpreter not supported by Bootsnap's YAML cache, we would have to supply the
permitted_classes
option toYAML.load_file
(e.g.,YAML.load_file("my.yml", permitted_classes: [Date, Time])
. While that will allow the code example to work the same on all Ruby interpreters, it bypasses the YAML cache entirely because thepermitted_classes
kwarg is not a supported option for the cache.System configuration
Bootsnap version: 1.15.0
Ruby version: ruby 3.2.0 (2022-12-25 revision a528908271) and TruffleRuby 23.0.0-dev
The text was updated successfully, but these errors were encountered: