blob: 9cf42af04e0687e5dff3e4abc714c5dd1b29af52 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# -*- coding: utf-8 -*-
# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Allowlist functions."""
from __future__ import print_function
import glob
import os
import re
# Matching a string of length m in an NFA of size n is O(mn^2), but the
# performance also depends largely on the implementation. It appears to be fast
# enough according to the tests.
#
# The performance bottleneck of this script is readelf. Unless this becomes
# slower than readelf, don't waste time here.
def is_allowlisted(list_name, pattern):
"""Check whether the given pattern is specified in the allowlist.
Args:
list_name: name of the allowlist.
pattern: the target string.
Returns:
True if matched otherwise False.
"""
return pattern and allowlists[list_name].match(pattern)
def prepare_allowlist(patterns):
"""Join and compile the re patterns.
Args:
patterns: regex patterns.
Returns:
A compiled re object.
"""
return re.compile('|'.join(patterns))
def load_allowlists(dirname):
"""Load allowlists under dirname.
An allowlist ends with .allowlist.
Args:
dirname: path to the dir.
Returns:
A dictionary of 'filename' -> allowlist matcher.
"""
wlist = {}
for fn in glob.glob(os.path.join(dirname, '*.allowlist')):
key = os.path.splitext(os.path.basename(fn))[0]
with open(fn, 'r', encoding='utf-8') as f:
patterns = f.read().splitlines()
patterns = [l for l in patterns if l != '']
patterns = [l for l in patterns if l[0] != '#']
wlist[key] = prepare_allowlist(patterns)
return wlist
allowlists = load_allowlists(os.path.dirname(__file__))
|