From 56481b1c9f83415a5ed772f9c6581bc17dca47a8 Mon Sep 17 00:00:00 2001 From: Andrei Medar Date: Thu, 10 Sep 2020 15:22:22 +0000 Subject: [PATCH] added a sandbox file and extracted the functions that will be sandboxed --- .../sapi_libarchive/CMakeLists.txt | 57 ++++++++++++++----- .../sapi_libarchive/examples/sandbox.h | 32 +++++++++++ .../sapi_libarchive/functions_to_sandbox.txt | 36 ++++++++++++ 3 files changed, 110 insertions(+), 15 deletions(-) create mode 100644 oss-internship-2020/sapi_libarchive/examples/sandbox.h create mode 100644 oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt diff --git a/oss-internship-2020/sapi_libarchive/CMakeLists.txt b/oss-internship-2020/sapi_libarchive/CMakeLists.txt index c9f0026..9a16f3a 100644 --- a/oss-internship-2020/sapi_libarchive/CMakeLists.txt +++ b/oss-internship-2020/sapi_libarchive/CMakeLists.txt @@ -27,24 +27,51 @@ add_subdirectory("${SAPI_ROOT}" EXCLUDE_FROM_ALL ) +file(STRINGS functions_to_sandbox.txt FUNCTIONS_LIST) + add_sapi_library( libarchive_sapi - + + #FUNCTIONS ${FUNCTIONS_LIST} + #FUNCTIONS archive_read_new FUNCTIONS - archive_read_new - archive_write_disk_new - archive_write_disk_set_options - archive_read_support_filter_bzip2 - archive_read_support_filter_gzip - archive_read_support_filter_compress - archive_read_support_format_tar - archive_read_support_format_cpio - archive_write_disk_set_standard_lookup - archive_read_open_filename - archive_error_string - archive_read_next_header - archive_entry_pathname - + archive_entry_free +archive_entry_new +archive_entry_pathname +archive_entry_sourcepath +archive_error_string +archive_read_close +archive_read_data_block +archive_read_disk_descend +archive_read_disk_new +archive_read_disk_open +archive_read_disk_set_standard_lookup +archive_read_free +archive_read_new +archive_read_next_header +archive_read_next_header2 +archive_read_open_filename +archive_read_support_filter_bzip2 +archive_read_support_filter_compress +archive_read_support_filter_gzip +archive_read_support_format_cpio +archive_read_support_format_tar +archive_write_add_filter_bzip2 +archive_write_add_filter_compress +archive_write_add_filter_gzip +archive_write_add_filter_none +archive_write_close +archive_write_data +archive_write_data_block +archive_write_disk_new +archive_write_disk_set_options +archive_write_disk_set_standard_lookup +archive_write_free +archive_write_header +archive_write_new +archive_write_open_filename +archive_write_set_format_ustar + INPUTS libarchive/libarchive/archive.h LIBRARY archive LIBRARY_NAME Libarchive diff --git a/oss-internship-2020/sapi_libarchive/examples/sandbox.h b/oss-internship-2020/sapi_libarchive/examples/sandbox.h new file mode 100644 index 0000000..afc2416 --- /dev/null +++ b/oss-internship-2020/sapi_libarchive/examples/sandbox.h @@ -0,0 +1,32 @@ +#ifndef SAPI_LIBARCHIVE_SANDBOX_H +#define SAPI_LIBARCHIVE_SANDBOX_H + +#include +#include "libarchive_sapi.sapi.h" + +class SapiLibarchiveSandboxCreate : public LibarchiveSandbox { + public: + // TODO + explicit SapiLibarchiveSandboxCreate() {} + private: + std::unique_ptr ModifyPolicy( + sandbox2::PolicyBuilder*) override { + return sandbox2::PolicyBuilder() + .BuildOrDie(); + } + +} + + + +class SapiLibarchiveSandboxExtract : public LibarchiveSandbox { + public: + // TODO + explicit SapiLibarchiveSandboxExtract() {} + private: + virtual void ModifyExecutor(sandbox2::Executor* executor) override { + // TODO create /output/ + chdir here if do_execute + } +} + +#endif // SAPI_LIBARCHIVE_SANDBOX_H \ No newline at end of file diff --git a/oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt b/oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt new file mode 100644 index 0000000..4289984 --- /dev/null +++ b/oss-internship-2020/sapi_libarchive/functions_to_sandbox.txt @@ -0,0 +1,36 @@ +archive_entry_free +archive_entry_new +archive_entry_pathname +archive_entry_sourcepath +archive_error_string +archive_read_close +archive_read_data_block +archive_read_disk_descend +archive_read_disk_new +archive_read_disk_open +archive_read_disk_set_standard_lookup +archive_read_free +archive_read_new +archive_read_next_header +archive_read_next_header2 +archive_read_open_filename +archive_read_support_filter_bzip2 +archive_read_support_filter_compress +archive_read_support_filter_gzip +archive_read_support_format_cpio +archive_read_support_format_tar +archive_write_add_filter_bzip2 +archive_write_add_filter_compress +archive_write_add_filter_gzip +archive_write_add_filter_none +archive_write_close +archive_write_data +archive_write_data_block +archive_write_disk_new +archive_write_disk_set_options +archive_write_disk_set_standard_lookup +archive_write_free +archive_write_header +archive_write_new +archive_write_open_filename +archive_write_set_format_ustar \ No newline at end of file