mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
added gflags for main_sandboxed
This commit is contained in:
parent
6ef819133e
commit
044814f4ed
|
@ -5,7 +5,7 @@ TODO
|
|||
- add more functions
|
||||
- this readme
|
||||
- remove path from CMakeLists.txt
|
||||
- include abseil flags for unit testing
|
||||
- include abseil flags for unit testing (done, should be changed in main.cc also)
|
||||
- improve tests (images, generating images etc.)
|
||||
- clear redundant includes
|
||||
- check if security policy can be stricter
|
|
@ -15,6 +15,7 @@
|
|||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include <filesystem>
|
||||
#include <iostream>
|
||||
|
||||
#include "lodepng_sapi.sapi.h"
|
||||
|
@ -23,6 +24,8 @@
|
|||
|
||||
ABSL_DECLARE_FLAG(string, sandbox2_danger_danger_permit_all);
|
||||
ABSL_DECLARE_FLAG(string, sandbox2_danger_danger_permit_all_and_log);
|
||||
ABSL_FLAG(string, images_path, std::filesystem::current_path().string(),
|
||||
"path to the folder containing test images");
|
||||
|
||||
// takes a png image (f1), decodes it and ecodes it into f2.
|
||||
// can be viewed as copying f1 into f2. This function has a basic usage
|
||||
|
@ -132,6 +135,7 @@ bool cmp_images32(SapiLodepngSandbox &sandbox, LodepngApi &api,
|
|||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -167,13 +171,9 @@ int main(int argc, char *argv[]) {
|
|||
gflags::ParseCommandLineFlags(&argc, &argv, true);
|
||||
absl::Status ret;
|
||||
|
||||
if (argc != 2) {
|
||||
std::cout << "usage: " << basename(argv[0]) << " images_folder_path"
|
||||
<< std::endl;
|
||||
return 1;
|
||||
}
|
||||
std::string images_path(absl::GetFlag(FLAGS_images_path));
|
||||
|
||||
std::string images_path(argv[1]);
|
||||
std::cout << "flag = " << images_path << std::endl;
|
||||
|
||||
SapiLodepngSandbox sandbox(images_path);
|
||||
ret = sandbox.Init();
|
||||
|
|
|
@ -1,14 +1,38 @@
|
|||
// Copyright 2020 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
#include <glog/logging.h>
|
||||
|
||||
#include <filesystem>
|
||||
|
||||
#include "gmock/gmock.h"
|
||||
#include "gtest/gtest.h"
|
||||
#include "lodepng_sapi.sapi.h"
|
||||
#include "sandbox.h"
|
||||
#include <glog/logging.h>
|
||||
#include "gmock/gmock.h"
|
||||
// #include "gtest/gtest.h"
|
||||
#include "sandboxed_api/util/flag.h"
|
||||
|
||||
// defining the flag does not work as intended (always has the default value)
|
||||
// ignore for now
|
||||
ABSL_FLAG(string, images_path, std::filesystem::current_path().string(),
|
||||
"path to the folder containing test images");
|
||||
|
||||
namespace {
|
||||
|
||||
TEST(addition, basic) {
|
||||
EXPECT_EQ(2, 1 + 1);
|
||||
EXPECT_EQ(2, 1 + 1);
|
||||
// std::cout << "flag=" << std::string(absl::GetFlag(FLAGS_images_path))
|
||||
// << std::endl;
|
||||
}
|
||||
|
||||
} // namespace
|
||||
} // namespace
|
|
@ -15,19 +15,23 @@
|
|||
#ifndef SAPI_LODEPNG_SANDBOX_H_
|
||||
#define SAPI_LODEPNG_SANDBOX_H_
|
||||
|
||||
#include "lodepng_sapi.sapi.h"
|
||||
#include <unistd.h>
|
||||
#include <syscall.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "lodepng_sapi.sapi.h"
|
||||
|
||||
// TODO change this with the location on your own machine
|
||||
#define base_path "/usr/local/google/home/amedar/internship/sandboxed-api/oss-internship-2020/sapi_lodepng/"
|
||||
#define base_path \
|
||||
"/usr/local/google/home/amedar/internship/sandboxed-api/" \
|
||||
"oss-internship-2020/sapi_lodepng/"
|
||||
|
||||
class SapiLodepngSandbox : public LodepngSandbox {
|
||||
public:
|
||||
SapiLodepngSandbox(const std::string &images_path): images_path_(images_path) {}
|
||||
SapiLodepngSandbox(const std::string &images_path)
|
||||
: images_path_(images_path) {}
|
||||
|
||||
std::unique_ptr<sandbox2::Policy> ModifyPolicy(
|
||||
sandbox2::PolicyBuilder*) override {
|
||||
std::unique_ptr<sandbox2::Policy> ModifyPolicy(
|
||||
sandbox2::PolicyBuilder *) override {
|
||||
return sandbox2::PolicyBuilder()
|
||||
.AllowStaticStartup()
|
||||
.AllowRead()
|
||||
|
@ -38,17 +42,18 @@ class SapiLodepngSandbox : public LodepngSandbox {
|
|||
.AllowStat()
|
||||
// .AddFile("/usr/local/google/home/amedar/sapi_lodepng/test_images/test1.png")
|
||||
.AddDirectory(images_path_, /*is_ro=*/false)
|
||||
// .AddDirectory("/usr/local/google/home/amedar/sapi_lodepng/test_images/out", /*is_ro=*/false)
|
||||
// .AddDirectory("/usr/local/google/home/amedar/sapi_lodepng/test_images/out",
|
||||
// /*is_ro=*/false)
|
||||
.AllowSyscalls({
|
||||
__NR_futex,
|
||||
__NR_lseek,
|
||||
__NR_close,
|
||||
__NR_futex,
|
||||
__NR_lseek,
|
||||
__NR_close,
|
||||
})
|
||||
.BuildOrDie();
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
std::string images_path_;
|
||||
};
|
||||
|
||||
#endif // SAPI_LODEPNG_SANDBOX_H_
|
||||
#endif // SAPI_LODEPNG_SANDBOX_H_
|
Loading…
Reference in New Issue
Block a user