Forum: Ruby “ThreadError: current thread not owner” using Sinatra?

6dd56028986d5e6c478e649ec229092b?d=identicon&s=25 Rafal C. (rafal_c)
on 2013-11-16 19:47
Attachment: _______problem1.png (100 KB)
Attachment: ____problem2.png (100 KB)
Attachment: ______problem3.png (60 KB)
I'm building a small Sinatra server which has one GET route called
`/execute`. It accepts a `code` parameter and runs the Ruby code from
that parameter using the `sandboxed` gem, returning a result in JSON.

    # /app.rb
    class MistressBase < Sinatra::Base
      get '/execute' do
        content_type :json
        Oj.dump( {
          'result' => safe { eval(URI.unescape(params[:code])) }
        } )
      end
    end

    # /config.ru
    require 'sinatra/base'
    require 'sandboxed'
    require 'uri'
    require 'oj'

    require './app'

    run MistressBase

When I run `shotgun config.ru` everything's fine. If I go to and pass
something simple like `http://localhost:9393/execute?code=70-1` I get
the expected JSON response of `{"result":69}`. However if I pass a
file-like string like
`require%20'benchmark'%0A%0ABenchmark.measure%20%7B%20'a'%20*%201_000_000%20%7D%0A%0A`
which is basically, this but `URI.escape`ed:

    require 'benchmark'

    Benchmark.measure { 'a' * 1_000_000 }

I get a `ThreadError at /execute` with the description of `current
thread not owner`. I have attached the backtrace.

Also, setting `code` the parameter to `/execute` to something like `1 -
1` (encoded) gives me the same error while `1-1` doesn't. What am I
missing? Why am I getting this error?
E0d864d9677f3c1482a20152b7cac0e2?d=identicon&s=25 Robert Klemme (robert_k78)
on 2013-11-18 15:53
(Received via mailing list)
On Sat, Nov 16, 2013 at 7:47 PM, Rafal C. <lists@ruby-forum.com> wrote:

> I get a `ThreadError at /execute` with the description of `current
> thread not owner`. I have attached the backtrace.
>
> Also, setting `code` the parameter to `/execute` to something like `1 -
> 1` (encoded) gives me the same error while `1-1` doesn't. What am I
> missing? Why am I getting this error?

Just guessing: method safe will probably start a new thread so it can
adjust $SAFE. The code in the block passed to safe probably somewhere
tries to access a critical section which the outer code has locked
already.

Kind regards

robert
6dd56028986d5e6c478e649ec229092b?d=identicon&s=25 Rafal C. (rafal_c)
on 2013-11-19 20:52
Robert Klemme wrote in post #1127735:

> Just guessing: method safe will probably start a new thread so it can
> adjust $SAFE. The code in the block passed to safe probably somewhere
> tries to access a critical section which the outer code has locked
> already.

Any way to avoid that and be able to run code safely in my setup and
scenario?
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.