Run Code  | Code Wall  | Users  | Misc  | Feedback  | About  | Login  | Theme 

About

Rextester - some online tools for anyone who finds them useful. It was started as online .net regex tester. Rextester stands for regular expression tester.

All code snippets that are accessible to general public (it's not indicated they are private while saving them) are in the public domain.

Short faq and troubleshooting.
Discussion forum.

Source code: part I and part II


Regex tester - .net regex tester.
Regex replace - .net regex replacement.
Regex reference - short regex reference.
Diff checker - find difference between two text fragments.
Run code - online compiling and execution for some languages.

C#, Visual basic
.Net framework v. 4.5 is used. Your code will be given max 5 sec of cpu time and limited memory (~150 Mb). Also your code will run in an appdomain with basic execution, reflection, thread control and web privileges only.
The entry point for your code is given Main method in type Program in namespace Rextester. This entry point shouldn't be changed. Types from following assemblies are available:
  • System.dll
  • System.Core.dll
  • System.Data.dll
  • System.Data.DataSetExtensions.dll
  • System.Xml.dll
  • System.Xml.Linq.dll
  • System.Numerics.dll
  • Microsoft.CSharp.dll - when C# is used
  • Microsoft.VisualBasic.dll - when Visual Basic is used
  • System.Net.dll
  • System.Web.dll
  • System.ComponentModel.DataAnnotations.dll
  • System.ComponentModel.Composition.dll
  • System.Drawing.dll
  • Newtonsoft.Json.dll
  • Let us know if you need more.
If you found security breaches and can break something in some way - we would appreciate your feedback on this.
Compiler versions:
Sql Server
Sql Server 2014 Express Edition is used. There is only one database that queries run against. Queries executed on behalf database owner so all sort of actions are allowed including DDL queries. However, all actions run in transaction which is rolled back immediately after execution is over. This way any desired objects may be built, populated with data and worked on within the scope of one request. There is 10 seconds limit for work to be completed. Execution of queries is achieved using ado.net mechanisms, in particular SqlDataReader type. This reader is also monitored for memory and cpu consumption.
'GO' statement just like in transact sql has special meaning: 'GO' will be removed from your code, but statements separated by 'GO' will be executed separately, in different batches. So, for example, if you want to create a function and later use it in select statement you have to separate create statement and select statement by 'GO', otherwise you'll receive an error from parser since in select statement you would be reffering to a function which doesn't yet exist.
For convinience there is simple pre-built schema, shown here.
MySQL
MySQL version 5.7.12 is used (on Windows). There is only one database that queries run against. Queries executed on behalf database owner so all sort of actions are allowed including DDL queries. However, all actions run in transaction which is rolled back immediately after execution is over. This way any desired objects may be built, populated with data and worked on within the scope of one request. There is 10 seconds limit for work to be completed. Unfortunately MySQL doesn't support rollback of DDL statements, so once object is created it stays. Therefore one should check if object exists before creating it and ideally drop it at the end of the script.
PostgreSQL
PostgreSQL setup is simillar to Sql Server.
Oracle
Oracle setup is simillar to MySQL.

Visual C++ (and C)
Your code is compiled to native binary which runs on Windows Server 2012 (maximum compile time is 30 seconds). Your process will be associated with job object that has LimitFlags.JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE flag set. After 10 seconds of execution this process will be killed. This used to be the only security measures for a while. However, after discovering dubious services running and questionable .exes at some weird places it was decided to sandbox all usercode through Sandboxie.
Also let us know if you need some other Windows-based compilers.
Compiler version:
Client Side
This option allows you to create full javascript/css/html fiddle that runs in your browser. The result is displayed in a separate iframe. You can use anything that runs on a client side. Errors are examined in your browser's developer console.

Java, Python, C, C++ and others
These languages run on linux. For some languages compiler parameters could be supplied. Here are compiler versions (you can always check by running commands on a server): Your code will be run on behalf special user and group. Also your code will be executed from Python wrapper which sets various limits to the process. It does so by using 'setrlimit' system call. You'll have max 30 sec to compile, max 5 sec of cpu time to run, limited memory (~1500 Mb) and other restrictions will apply (like no writing permissions). Also your process and all its children will be run in a newly created process group which will be terminated after 10 seconds from start if still running.

We don't claim that this is secure. In many senses you'll have the power of special user. On a bright side, this has some useful side-effects. The reason why, at least for now, we leave so many potential security breaches is because it's hard to make it really secure. What are the options?
  • Codepad seems to 'ptrace' everything and disallow many system calls, for example, 'fork()'. That's pretty restrictive.
  • Apparmor - out of everything we tried, this did the job pretty well and it was rather easy to configure. But it doesn't work with OpenVZ virtualization that is used by our server provider.
  • SELinux - stopped reading documentation in the middle of it. Too (unnecessarily?) complex.
  • Native security mechanisms - like chroot and file permissions. Hard to make it secure this way without breaking the service and the system.
  • Chromium sandboxes that exist both for windows and linux. These sandboxes run chrome's page renderers and probably quite secure. Drawbacks are: hard to setup and possibly too limiting (however this needs to be verified)
So, if you can take the system down - then be it, but please report how you did this. Your advice on this topic is always welcome.

Input support
Everything that will be submitted as input will be piped to process via stdin stream. So your code should consume input as if it came from keyboard.

Live collaboration
Write code so that others see this real-time. Every participant can make changes and see changes made by others. We use Firepad and Firebase.

Credit
Special thanks goes to people behind CodeMirror, Edit area, Roslyn, MarkdownDeep, Firepad (and Firebase) and Coderev.

Code wall
Code wall as well as personal code walls - place code on a wall for public display. These entries will be crawled by search engines, so one possible use is to put there scripts that you may need for easy access later. For example, whenever I need a sql script for searching database definitions I simply search for 'sql definition rextester' and there is my script (it seems that code wall is crawled better than personal walls, though). It's important that code snippet have a meaningful title.

Feedback - give us feedback. We have implemented a lot of requests so far.
Login - once logged in you'll be able to track your saved snippets and more.


Stats (since 2013-08-15)
Language     Runs    
C# 9256337
Pascal 2060562
C (gcc) 1848677
C++ (gcc) 1275377
Java 1226381
Sql Server 794108
Common Lisp 777008
Python 3 662717
C++ (vc++) 587869
Haskell 572764
R 415097
Python 400626
MySQL 358258
Javascript 338614
Visual Basic 294623
C++ (clang) 292653
PostgreSQL 237505
Oracle 234375
Php 229050
Node.js 227918
Tcl 195533
Prolog 183884
Perl 168316
Bash 142891
Assembly 138635
Lua 113311
Objective-C 111789
Ruby 108215
C (clang) 98182
Octave 77248
C (vc) 73940
Scheme 37870
Scala 34299
Swift 21951
Fortran 20748
F# 20645
Brainfuck 17800
Ada 17016
Go 15978
Kotlin 15884
D 14760
Elixir 6233
Ocaml 2448
Erlang 2273

Api
Restfull api is supported (POST only) at http://rextester.com/rundotnet/api. What needs to be supplied are these values (as http data name=val&name2=val2, content type header must not indicate json):
    LanguageChoice=Language number (see below)
    Program=Code to run
    Input=Input to be supplied to stdin of a process
    CompilerArgs=compiler args as one string (when applicable)
Returned is json string with the following properties:
    Result=Output of a program (in case of Sql Server - html)
    Warnings=Warnings, if any, as one string
    Errors=Errors, if any, as one string
    Stats=Execution stats as one string
    Files=In case of Octave and R - list of png images encoded as base64 strings
Language numbers:
    C# = 1
    VB.NET = 2
    F# = 3
    Java = 4
    Python = 5
    C (gcc) = 6
    C++ (gcc) = 7
    Php = 8
    Pascal = 9
    Objective-C = 10
    Haskell = 11
    Ruby = 12
    Perl = 13
    Lua = 14
    Nasm = 15
    Sql Server = 16
    Javascript = 17
    Lisp = 18
    Prolog = 19
    Go = 20
    Scala = 21
    Scheme = 22
    Node.js = 23
    Python 3 = 24
    Octave = 25
    C (clang) = 26
    C++ (clang) = 27    
    C++ (vc++) = 28
    C (vc) = 29
    D = 30
    R = 31
    Tcl = 32
    MySQL = 33
    PostgreSQL = 34
    Oracle = 35
    Swift = 37
    Bash = 38
    Ada = 39
    Erlang = 40
    Elixir = 41
    Ocaml = 42
    Kotlin = 43
    Brainfuck = 44
    Fortran = 45

Full javascript example:
<!DOCTYPE html>
<html>
<body>

    <head>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
    <script>
    $(document).ready(function(){
        $("button").click(function(){

		    var to_compile = {
			    "LanguageChoice": "1",
			    "Program": $("#code").val(),
			    "Input": "",
			    "CompilerArgs" : ""
		    };

		    $.ajax ({
			        url: "http://rextester.com/rundotnet/api",
			        type: "POST",
			        data: to_compile
			    }).done(function(data) {
			        alert(JSON.stringify(data));
			    }).fail(function(data, err) {
			        alert("fail " + JSON.stringify(data) + " " + JSON.stringify(err));
		        });
	    });
    });
    </script>
    </head>

    <textarea id="code">
        using System;
        using System.Collections.Generic;
        using System.Linq;
        using System.Text.RegularExpressions;

        namespace Rextester
        {
            public class Program
            {
                public static void Main(string[] args)
                {
                    //Your code goes here
                    Console.WriteLine("Hello, world!");
                }
            }
        }      
    </textarea>
    <button id="run">Run</button>

</body>
</html>
    

Api stats:
Language     Runs    
C# 6311381
Java 569746
C (gcc) 349157
C++ (gcc) 340941
Php 321210
Python 3 192465
Python 154464
Ruby 71190
Bash 61846
Node.js 55116
Pascal 24714
Lua 20889
Objective-C 8205
Perl 6102
Brainfuck 3802
Haskell 3540
Common Lisp 2897
C (clang) 2829
C++ (vc++) 2691
Swift 2607
Kotlin 1711
Go 1553
Assembly 1368
MySQL 1303
C++ (clang) 1090
Visual Basic 1058
R 878
Scala 875
Javascript 822
F# 813
C (vc) 710
Sql Server 701
Elixir 574
Scheme 495
Oracle 320
D 300
Tcl 249
Prolog 238
Octave 84
PostgreSQL 73
Ada 72
Ocaml 49
Erlang 44
Fortran 13