by option_greek 5013 days ago
Nice project. Will be more useful if there is an explanation of code generated. For example, making the various assembly instructions clickable and displaying information about them. Also a tiny bit of explanation about code and data sections might be of help too :)
2 comments

Ok added to the todo list
You don't filter out CPP macros. I would skip that and only allow C code. Or run this thing in a proper jail because at the moment:

- doing an include #include "/dev/random" will block the thread.
- including "/etc/passwd" is also possible although I don't see a direct way to turn this into password disclosure.

Seriously; even if it's a weekend project, letting people run all kinds of potentially bad code on your machine is never a good idea. Even though you don't run the binaries yourself there's so many ways to mess around with a compiler. You just don't know what's going to happen.

chroot would probably be sufficient. Barring some sort of code execution vuln in the compiler you can only load stuff off of the filesystem.

Having the actual CPP available is nice because some bits of libc are only macros.

I have now added some basic macro detection
    #define x "/etc/passwd"
    #include x
I have now fixed it. But I think there must be another way to make it safe. Maybe a sandbox.
This is part of your /etc/shadow file:

    root:censored
We can still read /etc/ssh/ssh_host_rsa_key, etc.

Edit: removed hash, sorry

If it's a server used for other things, definitely a sandbox. gcc's not exactly security hardened. Best one (novel solution, though the code's old and shit) I've come across: https://pts-mini-gpl.googlecode.com/svn/trunk/uevalrun/doc/u...
I have now used the wrapper by gcc-explorer https://github.com/mattgodbolt/gcc-explorer/blob/master/c-pr...
I could have made the same comment. Good project, could be useful to me. A piece of asm documentation would be tasty.
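Added example, not code from the thread or from the project: the thread shows text filtering of #include lines being bypassed by a macro-expanded include, so this sketch instead audits the preprocessor's own dependency list (the Make-style rule that `gcc -M` prints) against an allowlist of directories. The sample output, the allowed roots and the function names are assumptions made for illustration, and the check complements a jail rather than replacing one.

```python
import os
import re

# Constructed sample of `gcc -M` output (Make rule format), not taken from the thread.
SAMPLE_DEPS = (
    "snippet.o: snippet.c /usr/include/stdio.h \\\n"
    " /usr/lib/gcc/x86_64-linux-gnu/12/include/stddef.h \\\n"
    " /etc/passwd /usr/include/../../etc/ssh/ssh_host_rsa_key \\\n"
    " /srv/jail/my\\ headers/util.h\n"
)

# Assumed policy: the only directories a submission may pull files from.
ALLOWED_ROOTS = ("/usr/include", "/usr/lib/gcc", "/srv/jail")


def parse_deps(make_rule):
    """Return the prerequisite paths from a Make-style dependency rule."""
    joined = make_rule.replace("\\\n", " ")      # undo line continuations
    _, _, prereqs = joined.partition(": ")       # drop the "target: " prefix
    # Split on unescaped whitespace; "\ " is an escaped space inside a path.
    tokens = re.findall(r"(?:\\.|[^\s\\])+", prereqs)
    return [t.replace("\\ ", " ").replace("$$", "$") for t in tokens]


def outside_roots(paths, source, roots=ALLOWED_ROOTS):
    """Return normalized paths that fall outside every allowed root."""
    bad = []
    for p in paths:
        if p == source:                          # the submitted file itself
            continue
        # Lexical normalization collapses "..": on a real host use
        # os.path.realpath so symlinks are resolved as well.
        full = os.path.normpath(p)
        # Relative paths are rejected outright (conservative choice).
        if not os.path.isabs(full) or not any(
            os.path.commonpath([full, r]) == r for r in roots
        ):
            bad.append(full)
    return bad


if __name__ == "__main__":
    for path in outside_roots(parse_deps(SAMPLE_DEPS), "snippet.c"):
        print("rejected include:", path)
```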