patterns: Disallow calling of dangerous functions by default

Closes #330

plugins/libimhex/include/hex/pattern_language/ast_node.hpp

@@ -6,8 +6,10 @@
 
 #include <algorithm>
 #include <bit>
+#include <chrono>
 #include <optional>
 #include <map>
+#include <thread>
 #include <variant>
 #include <vector>
 
@@ -1899,7 +1901,23 @@ namespace hex::pl {
             }
 
             try {
-                auto result = functions[this->m_functionName].func(evaluator, evaluatedParams);
+                auto &function = functions[this->m_functionName];
+
+                if (function.dangerous && evaluator->getDangerousFunctionPermission() != DangerousFunctionPermission::Allow) {
+                    evaluator->dangerousFunctionCalled();
+
+                    while (evaluator->getDangerousFunctionPermission() == DangerousFunctionPermission::Ask) {
+                        using namespace std::literals::chrono_literals;
+
+                        std::this_thread::sleep_for(100ms);
+                    }
+
+                    if (evaluator->getDangerousFunctionPermission() == DangerousFunctionPermission::Deny) {
+                        LogConsole::abortEvaluation(hex::format("calling of dangerous function '{}' is not allowed", this->m_functionName), this);
+                    }
+                }
+
+                auto result = function.func(evaluator, evaluatedParams);
 
                 if (result.has_value())
                     return new ASTNodeLiteral(result.value());

plugins/libimhex/include/hex/pattern_language/evaluator.hpp

@@ -15,6 +15,12 @@ namespace hex::prv { class Provider; }
 
 namespace hex::pl {
 
+    enum class DangerousFunctionPermission {
+        Ask,
+        Deny,
+        Allow
+    };
+
     class PatternData;
     class PatternCreationLimiter;
     class ASTNode;
@@ -181,6 +187,25 @@ namespace hex::pl {
             this->m_envVariables[name] = value;
         }
 
+        [[nodiscard]]
+        bool hasDangerousFunctionBeenCalled() const {
+            return this->m_dangerousFunctionCalled;
+        }
+
+        void dangerousFunctionCalled() {
+            this->m_dangerousFunctionCalled = true;
+        }
+
+        void allowDangerousFunctions(bool allow) {
+            this->m_allowDangerousFunctions = allow ? DangerousFunctionPermission::Allow : DangerousFunctionPermission::Deny;
+            this->m_dangerousFunctionCalled = false;
+        }
+
+        [[nodiscard]]
+        DangerousFunctionPermission getDangerousFunctionPermission() const {
+            return this->m_allowDangerousFunctions;
+        }
+
     private:
 
         void patternCreated();
@@ -210,6 +235,9 @@ namespace hex::pl {
         std::map<std::string, Token::Literal> m_inVariables;
         std::map<std::string, size_t> m_outVariables;
 
+        std::atomic<bool> m_dangerousFunctionCalled = false;
+        std::atomic<DangerousFunctionPermission> m_allowDangerousFunctions = DangerousFunctionPermission::Ask;
+
         friend class PatternCreationLimiter;
     };
 

plugins/libimhex/include/hex/pattern_language/pattern_language.hpp

@@ -53,6 +53,10 @@ namespace hex::pl {
         [[nodiscard]]
         u32 getMaximumPatternCount();
 
+        [[nodiscard]]
+        bool hasDangerousFunctionBeenCalled() const;
+        void allowDangerousFunctions(bool allow);
+
     private:
         Preprocessor *m_preprocessor;
         Lexer *m_lexer;