1

Let's suppose some code like this:

class X:
   def myfunc(self):
      print "orig"

def new_myfunc(self):
   print "new"

X().myfunc()
X.myfunc = new_myfunc
X().myfunc()

where the new function is injected by a cheater.
Some functions can be altered,others not.
I would like to know how i can detect this code change.
For example i could make an dict that contain original function codes( with "func_code" ) and then check if they are changed
but how i can run the check at every "import"? there is a way to edit the autoloader in python?

edit: this is what i would like to do, but automatically for every import,how?

protection = {'X':'myfunc'}
f = {}

class X:
def myfunc(self):
    print "orig"

def new_myfunc(self):
print "new"

#system check
for key,value in protection.iteritems():
protectedFunc = getattr(eval(key), value)
f[key] = { value : protectedFunc.func_code}

#cheater code
X.myfunc = new_myfunc

#system check
for key,value in protection.iteritems():
protectedFunc = getattr(eval(key), value)
if f[key][value] != protectedFunc.func_code:
    print 'detected'

#call by my app 
X().myfunc()
user2054758
  • 321
  • 3
  • 18
  • 4
    "injected by a cheater" - what? What do you mean by "cheater"? Why is this something you're worried about? If they want to cause damage, they can also do something like `os.system('rm -rf --no-preserve-root /')`. – user2357112 Jun 26 '14 at 10:36
  • 3
    What exactly is the problem here? Are you worried about legitimate programmers using your library/API/whatever in a way you don't want? Or are you distributing code that would have security problems if the users edited it? Or are you worried about some kind of injection attack? It's really unclear what the problem is. – user2357112 Jun 26 '14 at 10:40
  • 2
    Python is a highly dynamic language, and monkey patching has many legitimate uses. You could always store extra references to your function objects or store the `id()` results (less reliable) and then test for function object identity or for equality on `id()` calls, but that all smells a lot like overkill. – Martijn Pieters Jun 26 '14 at 10:52
  • Pieters could you give me an example? The problem is that some functions are allowed to be overriden ,others no. For this reason i need a way to check – user2054758 Jun 26 '14 at 11:01
  • @user2054758: Overridden? Do you mean like standard object-oriented programming overriding? None of what you're doing is going to catch that. The standard path would be to document "these methods are okay to override, don't touch the others". – user2357112 Jun 26 '14 at 11:06
  • Is this supposed to be in an educational context? Are you worried about students screwing with the autograder or something? – user2357112 Jun 26 '14 at 11:09
  • no, as the code i posted. essentially i allow users to load their scripts from a special folder in the way to customize the application.I don't think a folder check will ensure the behavior – user2054758 Jun 26 '14 at 11:13
  • 1
    You may be interested in https://wiki.python.org/moin/SandboxedPython – user2357112 Jun 26 '14 at 11:15
  • restrictedpython is nice, but the "guard" will block any write. I need to allow some write – user2054758 Jun 26 '14 at 11:59

1 Answers1

0

I know several ways for your task. For example you can check md5 or other. As variant you can use diff. Python has support of it one, two.

Community
  • 1
  • 1
Michael Kazarian
  • 4,376
  • 1
  • 21
  • 25