added a sandbox file and extracted the functions that will be sandboxed

oss-internship-2020/sapi_libarchive/CMakeLists.txt

@@ -27,24 +27,51 @@ add_subdirectory("${SAPI_ROOT}"
   EXCLUDE_FROM_ALL
 )
 
+file(STRINGS functions_to_sandbox.txt FUNCTIONS_LIST)
+
 add_sapi_library(
   libarchive_sapi
-  
+
+  #FUNCTIONS ${FUNCTIONS_LIST}
+  #FUNCTIONS archive_read_new
   FUNCTIONS
-  archive_read_new
-  archive_write_disk_new
-  archive_write_disk_set_options
-  archive_read_support_filter_bzip2
-  archive_read_support_filter_gzip
-  archive_read_support_filter_compress
-  archive_read_support_format_tar
-  archive_read_support_format_cpio
-  archive_write_disk_set_standard_lookup
-  archive_read_open_filename
-  archive_error_string
-  archive_read_next_header
-  archive_entry_pathname
-  
+    archive_entry_free
+archive_entry_new
+archive_entry_pathname
+archive_entry_sourcepath
+archive_error_string
+archive_read_close
+archive_read_data_block
+archive_read_disk_descend
+archive_read_disk_new
+archive_read_disk_open
+archive_read_disk_set_standard_lookup
+archive_read_free
+archive_read_new
+archive_read_next_header
+archive_read_next_header2
+archive_read_open_filename
+archive_read_support_filter_bzip2
+archive_read_support_filter_compress
+archive_read_support_filter_gzip
+archive_read_support_format_cpio
+archive_read_support_format_tar
+archive_write_add_filter_bzip2
+archive_write_add_filter_compress
+archive_write_add_filter_gzip
+archive_write_add_filter_none
+archive_write_close
+archive_write_data
+archive_write_data_block
+archive_write_disk_new
+archive_write_disk_set_options
+archive_write_disk_set_standard_lookup
+archive_write_free
+archive_write_header
+archive_write_new
+archive_write_open_filename
+archive_write_set_format_ustar
+
   INPUTS libarchive/libarchive/archive.h
   LIBRARY archive
   LIBRARY_NAME Libarchive

oss-internship-2020/sapi_libarchive/examples/sandbox.h

@@ -0,0 +1,32 @@
+#ifndef SAPI_LIBARCHIVE_SANDBOX_H
+#define SAPI_LIBARCHIVE_SANDBOX_H
+
+#include <syscall.h>
+#include "libarchive_sapi.sapi.h"
+
+class SapiLibarchiveSandboxCreate : public LibarchiveSandbox {
+ public:
+    // TODO
+    explicit SapiLibarchiveSandboxCreate() {}
+ private:
+    std::unique_ptr<sandbox2::Policy> ModifyPolicy(
+      sandbox2::PolicyBuilder*) override {
+    return sandbox2::PolicyBuilder()
+        .BuildOrDie();
+  }
+
+}
+
+
+
+class SapiLibarchiveSandboxExtract : public LibarchiveSandbox {
+ public:
+    // TODO
+    explicit SapiLibarchiveSandboxExtract() {}
+ private:
+    virtual void ModifyExecutor(sandbox2::Executor* executor) override {
+        // TODO create /output/ + chdir here if do_execute
+    }
+}
+
+#endif  // SAPI_LIBARCHIVE_SANDBOX_H

oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt

@@ -0,0 +1,36 @@
+archive_entry_free
+archive_entry_new
+archive_entry_pathname
+archive_entry_sourcepath
+archive_error_string
+archive_read_close
+archive_read_data_block
+archive_read_disk_descend
+archive_read_disk_new
+archive_read_disk_open
+archive_read_disk_set_standard_lookup
+archive_read_free
+archive_read_new
+archive_read_next_header
+archive_read_next_header2
+archive_read_open_filename
+archive_read_support_filter_bzip2
+archive_read_support_filter_compress
+archive_read_support_filter_gzip
+archive_read_support_format_cpio
+archive_read_support_format_tar
+archive_write_add_filter_bzip2
+archive_write_add_filter_compress
+archive_write_add_filter_gzip
+archive_write_add_filter_none
+archive_write_close
+archive_write_data
+archive_write_data_block
+archive_write_disk_new
+archive_write_disk_set_options
+archive_write_disk_set_standard_lookup
+archive_write_free
+archive_write_header
+archive_write_new
+archive_write_open_filename
+archive_write_set_format_ustar