b/c...py: secure input and output files

Do not use environmental variables `INPUT_FILE` and `OUTPUT_FILE`
2024-08-26 22:44:58 +03:00 · 2024-08-26 22:44:58 +03:00 · 974f7eb53b
commit 974f7eb53b
parent f70ef4c74d
1 changed files with 9 additions and 13 deletions
--- a/bytebeat_compiler.py
+++ b/bytebeat_compiler.py
@ -5,7 +5,7 @@ if __name__ == "__main__":
 from argparse import ArgumentParser
 from os import environ, makedirs, name as os_name, rename
-from os.path import basename, exists, join as path_join
+from os.path import exists, join as path_join
 from shlex import join as command_line_join, split as command_line_split
 from shutil import which
 from sys import stdin, stdout
@ -46,9 +46,7 @@ DEFAULT_PARAMETERS = {
 	"CC": "cc",
 	"CFLAGS": "-Ofast -march=native -mtune=native -Wall -Wextra -Wpedantic "
 	          "-pedantic -Wno-unused-variable -Wno-unused-but-set-variable "
-	          "-Wno-dangling-else -Wno-parentheses -std=c99",
+	          "-Wno-dangling-else -Wno-parentheses -std=c99"
 	"INPUT_FILE": PATHS["substitute_kept"],
 	"OUTPUT_FILE": PATHS["output_kept"]
 }
 stdout_atty = hasattr(stdout, "isatty") and stdout.isatty()
@ -111,8 +109,6 @@ if os_name == "nt":
 	]
 CFLAGS = fetch("CFLAGS")
 INPUT_FILE = fetch("INPUT_FILE")
 OUTPUT_FILE = fetch("OUTPUT_FILE")
 if extra := fetch("CFLAGS_EXTRA"):
 	CFLAGS += " " + extra
@ -123,8 +119,8 @@ if __name__ == "__main__":
 	parser = ArgumentParser(description=\
 		"Substitutes supplied C (non-JavaScript!) bytebeat into the template, "
 		"then attempts to compile the instance of the template. Accepts "
-		"environmental variables `CC`, `CFLAGS`, `INPUT_FILE`, `OUTPUT_FILE`. "
+		"environmental variables `CC`, `CFLAGS`. `CFLAGS_EXTRA` can be used to "
-		"`CFLAGS_EXTRA` can be used to add to default `CFLAGS`.")
+		"add to default `CFLAGS`.")
 	parser.add_argument("file", type=str,
 		help="bytebeat formula file (use `-` to read from stdin)")
 	parser.add_argument("-o", "--output", default="output.wav", type=str,
@ -257,9 +253,9 @@ if __name__ == "__main__":
 			                 "CC.")
 	with TemporaryDirectory() as tmpdirname:
-		temporary_path = lambda path: path_join(tmpdirname, basename(path))
+		temporary_path = lambda path: path_join(tmpdirname, path)
-		substitute_temp = temporary_path(INPUT_FILE)
+		substitute_temp = temporary_path(PATHS["substitute"])
 		rewrite_file(substitute_temp, substitute_vars({
 			"bytebeat_contents": bytebeat_contents,
 			"output_file": C_str_repr(args.output),
@ -288,7 +284,7 @@ if __name__ == "__main__":
 		# Compile
 		print("Compiling")
-		output_file_temp = temporary_path(OUTPUT_FILE)
+		output_file_temp = temporary_path(PATHS["output"])
 		run_command(
 			CC,
@ -303,5 +299,5 @@ if __name__ == "__main__":
 		if args.keep_files:
 			makedirs(PATHS["bin_dir"], exist_ok=True)
-			rename(substitute_temp, INPUT_FILE)
+			rename(substitute_temp, PATHS["substitute_kept"])
-			rename(output_file_temp, OUTPUT_FILE)
+			rename(output_file_temp, PATHS["output_kept"])