StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Internal change

Browse Source 
Only externally visible changes should be a few changed includes as well as
some formatting changes.

PiperOrigin-RevId: 353226662
Change-Id: Iebf5be13774efcbd94c5d5a17b9b27e47275b229
This commit is contained in:
Christian Blichmann 2021-01-22 06:01:05 -08:00 committed by Copybara-Service
parent 19fd11b91e
commit 75bbd0e1c1
54 changed files with 412 additions and 347 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
oss-internship-2020/curl/examples/example1.cc
View File

@ -39,22 +39,25 @@ absl::Status Example1() {
// Specify URL to get // Specify URL to get
sapi::v::ConstCStr url("http://example.com"); sapi::v::ConstCStr url("http://example.com");
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, SAPI_ASSIGN_OR_RETURN(
url.PtrBefore())); curl_code,
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, url.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
} }
// Set the library to follow a redirection // Set the library to follow a redirection
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_long( SAPI_ASSIGN_OR_RETURN(
&curl, curl::CURLOPT_FOLLOWLOCATION, 1l)); curl_code,
api.curl_easy_setopt_long(&curl, curl::CURLOPT_FOLLOWLOCATION, 1l));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code);
} }
// Disable authentication of peer certificate // Disable authentication of peer certificate
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_long( SAPI_ASSIGN_OR_RETURN(
&curl, curl::CURLOPT_SSL_VERIFYPEER, 0l)); curl_code,
api.curl_easy_setopt_long(&curl, curl::CURLOPT_SSL_VERIFYPEER, 0l));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code);
} }

9
oss-internship-2020/curl/examples/example2.cc
View File

@ -46,15 +46,16 @@ absl::Status Example2() {
// Specify URL to get // Specify URL to get
sapi::v::ConstCStr url("http://example.com"); sapi::v::ConstCStr url("http://example.com");
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, SAPI_ASSIGN_OR_RETURN(
url.PtrBefore())); curl_code,
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, url.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
} }
// Set WriteMemoryCallback as the write function // Set WriteMemoryCallback as the write function
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_WRITEFUNCTION, curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_WRITEFUNCTION,
&write_to_memory)); &write_to_memory));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);

26
oss-internship-2020/curl/examples/example3.cc
View File

@ -78,16 +78,17 @@ absl::Status Example3(std::string ssl_certificate, std::string ssl_key,
// Specify URL to get (using HTTPS) // Specify URL to get (using HTTPS)
sapi::v::ConstCStr url("https://example.com"); sapi::v::ConstCStr url("https://example.com");
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, SAPI_ASSIGN_OR_RETURN(
url.PtrBefore())); curl_code,
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, url.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
} }
// Set the SSL certificate type to "PEM" // Set the SSL certificate type to "PEM"
sapi::v::ConstCStr ssl_cert_type("PEM"); sapi::v::ConstCStr ssl_cert_type("PEM");
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_SSLCERTTYPE, curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_SSLCERTTYPE,
ssl_cert_type.PtrBefore())); ssl_cert_type.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
@ -95,8 +96,8 @@ absl::Status Example3(std::string ssl_certificate, std::string ssl_key,
// Set the certificate for client authentication // Set the certificate for client authentication
sapi::v::ConstCStr sapi_ssl_certificate(ssl_certificate.c_str()); sapi::v::ConstCStr sapi_ssl_certificate(ssl_certificate.c_str());
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_SSLCERT, curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_SSLCERT,
sapi_ssl_certificate.PtrBefore())); sapi_ssl_certificate.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
@ -113,8 +114,8 @@ absl::Status Example3(std::string ssl_certificate, std::string ssl_key,
// Set the password used to protect the private key // Set the password used to protect the private key
sapi::v::ConstCStr sapi_ssl_key_password(ssl_key_password.c_str()); sapi::v::ConstCStr sapi_ssl_key_password(ssl_key_password.c_str());
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_KEYPASSWD, curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_KEYPASSWD,
sapi_ssl_key_password.PtrBefore())); sapi_ssl_key_password.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
@ -122,16 +123,17 @@ absl::Status Example3(std::string ssl_certificate, std::string ssl_key,
// Set the file with the certificates vaildating the server // Set the file with the certificates vaildating the server
sapi::v::ConstCStr sapi_ca_certificates(ca_certificates.c_str()); sapi::v::ConstCStr sapi_ca_certificates(ca_certificates.c_str());
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_CAINFO, curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_CAINFO,
sapi_ca_certificates.PtrBefore())); sapi_ca_certificates.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
} }
// Verify the authenticity of the server // Verify the authenticity of the server
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_long( SAPI_ASSIGN_OR_RETURN(
&curl, curl::CURLOPT_SSL_VERIFYPEER, 1L)); curl_code,
api.curl_easy_setopt_long(&curl, curl::CURLOPT_SSL_VERIFYPEER, 1L));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_long failed: " + curl_code);
} }

13
oss-internship-2020/curl/examples/example4.cc
View File

@ -50,8 +50,8 @@ absl::Status Example4() {
// Specify URL to get // Specify URL to get
sapi::v::ConstCStr url("http://example.com"); sapi::v::ConstCStr url("http://example.com");
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_easy_setopt_ptr(&http_handle, curl::CURLOPT_URL, curl_code, api.curl_easy_setopt_ptr(&http_handle, curl::CURLOPT_URL,
url.PtrBefore())); url.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
@ -77,8 +77,9 @@ absl::Status Example4() {
sapi::v::Int numfds(0); sapi::v::Int numfds(0);
// Perform the request // Perform the request
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_multi_perform( SAPI_ASSIGN_OR_RETURN(
&multi_handle, still_running.PtrBoth())); curl_code,
api.curl_multi_perform(&multi_handle, still_running.PtrBoth()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_mutli_perform failed: " + curl_code); return absl::UnavailableError("curl_mutli_perform failed: " + curl_code);
} }
@ -97,8 +98,8 @@ absl::Status Example4() {
} }
// Remove http_handle from the multi stack // Remove http_handle from the multi stack
SAPI_ASSIGN_OR_RETURN(curl_code, SAPI_ASSIGN_OR_RETURN(
api.curl_multi_remove_handle(&multi_handle, &http_handle)); curl_code, api.curl_multi_remove_handle(&multi_handle, &http_handle));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_multi_remove_handle failed: " + return absl::UnavailableError("curl_multi_remove_handle failed: " +
curl_code); curl_code);

5
oss-internship-2020/curl/examples/example5.cc
View File

@ -36,8 +36,9 @@ absl::Status pull_one_url(const std::string& url, curl::CurlApi& api) {
// Specify URL to get // Specify URL to get
sapi::v::ConstCStr sapi_url(url.c_str()); sapi::v::ConstCStr sapi_url(url.c_str());
SAPI_ASSIGN_OR_RETURN(curl_code, api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, SAPI_ASSIGN_OR_RETURN(
sapi_url.PtrBefore())); curl_code,
api.curl_easy_setopt_ptr(&curl, curl::CURLOPT_URL, sapi_url.PtrBefore()));
if (curl_code != 0) { if (curl_code != 0) {
return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code); return absl::UnavailableError("curl_easy_setopt_ptr failed: " + curl_code);
} }

9
oss-internship-2020/gdal/raster.cc
View File

@ -101,8 +101,9 @@ absl::Status GdalMain(std::string filename) {
// analyzing the returning object. // analyzing the returning object.
// Same for GDALReturnsIO from below. // Same for GDALReturnsIO from below.
CPLErr err; CPLErr err;
SAPI_ASSIGN_OR_RETURN(err, api.GDALGetGeoTransform( SAPI_ASSIGN_OR_RETURN(
&ptr_dataset, adf_geo_transform_array.PtrBoth())); err,
api.GDALGetGeoTransform(&ptr_dataset, adf_geo_transform_array.PtrBoth()));
// If GDALGetGeoTransform generates an error. // If GDALGetGeoTransform generates an error.
if (err != CE_None) { if (err != CE_None) {
@ -127,8 +128,8 @@ absl::Status GdalMain(std::string filename) {
} }
sapi::v::RemotePtr ptr_band(band.value()); sapi::v::RemotePtr ptr_band(band.value());
SAPI_RETURN_IF_ERROR(api.GDALGetBlockSize(&ptr_band, nBlockXSizeArray.PtrBoth(), SAPI_RETURN_IF_ERROR(api.GDALGetBlockSize(
nBlockYSizeArray.PtrBoth())); &ptr_band, nBlockXSizeArray.PtrBoth(), nBlockYSizeArray.PtrBoth()));
LOG(INFO) << "Block = " << n_blockX_size[0] << " x " << n_blockY_size[0] LOG(INFO) << "Block = " << n_blockX_size[0] << " x " << n_blockY_size[0]
<< std::endl; << std::endl;

3
oss-internship-2020/gdal/raster_to_gtiff/gtiff_converter.cc
View File

@ -95,7 +95,8 @@ absl::Status RasterToGTiffProcessor::Main() {
"Error setting color interpretation"); "Error setting color interpretation");
if (band_data.no_data_value.has_value()) { if (band_data.no_data_value.has_value()) {
SAPI_ASSIGN_OR_RETURN(result, api.GDALSetRasterNoDataValue( SAPI_ASSIGN_OR_RETURN(result,
api.GDALSetRasterNoDataValue(
&band_ptr, band_data.no_data_value.value())); &band_ptr, band_data.no_data_value.value()));
TRANSACTION_FAIL_IF_NOT(result.value() == CPLErr::CE_None, TRANSACTION_FAIL_IF_NOT(result.value() == CPLErr::CE_None,

27
oss-internship-2020/jsonnet/tests/jsonnet_tests_utils.cc
View File

@ -46,8 +46,8 @@ void JsonnetTestHelper::TestSetUp() {
// Cleans up after a test. // Cleans up after a test.
void JsonnetTestHelper::TestTearDown() { void JsonnetTestHelper::TestTearDown() {
if (jsonnet_vm_was_used_) { if (jsonnet_vm_was_used_) {
SAPI_ASSERT_OK_AND_ASSIGN(char* result, SAPI_ASSERT_OK_AND_ASSIGN(
api_->c_jsonnet_realloc(vm_.get(), output_.get(), 0)); char* result, api_->c_jsonnet_realloc(vm_.get(), output_.get(), 0));
} }
ASSERT_THAT(api_->c_jsonnet_destroy(vm_.get()), sapi::IsOk()); ASSERT_THAT(api_->c_jsonnet_destroy(vm_.get()), sapi::IsOk());
if (input_was_read_) { if (input_was_read_) {
@ -78,23 +78,26 @@ void JsonnetTestHelper::Evaluate_jsonnet_code(Evaluation type,
switch (type) { switch (type) {
case kBase: { case kBase: {
SAPI_ASSERT_OK_AND_ASSIGN(output_ptr, api_->c_jsonnet_evaluate_snippet( SAPI_ASSERT_OK_AND_ASSIGN(
vm_.get(), in_file_var.PtrBefore(), output_ptr,
api_->c_jsonnet_evaluate_snippet(vm_.get(), in_file_var.PtrBefore(),
input_.get(), error.PtrAfter())); input_.get(), error.PtrAfter()));
break; break;
} }
case kMultipleFiles: { case kMultipleFiles: {
SAPI_ASSERT_OK_AND_ASSIGN(output_ptr, api_->c_jsonnet_evaluate_snippet_multi( SAPI_ASSERT_OK_AND_ASSIGN(
vm_.get(), in_file_var.PtrBefore(), output_ptr, api_->c_jsonnet_evaluate_snippet_multi(
input_.get(), error.PtrAfter())); vm_.get(), in_file_var.PtrBefore(), input_.get(),
error.PtrAfter()));
break; break;
} }
case kYamlStream: { case kYamlStream: {
SAPI_ASSERT_OK_AND_ASSIGN(output_ptr, api_->c_jsonnet_evaluate_snippet_stream( SAPI_ASSERT_OK_AND_ASSIGN(
vm_.get(), in_file_var.PtrBefore(), output_ptr, api_->c_jsonnet_evaluate_snippet_stream(
input_.get(), error.PtrAfter())); vm_.get(), in_file_var.PtrBefore(), input_.get(),
error.PtrAfter()));
break; break;
} }
} }
@ -130,8 +133,8 @@ void JsonnetTestHelper::WriteOutput(const char* filename_or_directory,
case kMultipleFiles: { case kMultipleFiles: {
std::string out_file_in_sandboxee(std::string("/output/")); std::string out_file_in_sandboxee(std::string("/output/"));
sapi::v::ConstCStr out_file_var(out_file_in_sandboxee.c_str()); sapi::v::ConstCStr out_file_var(out_file_in_sandboxee.c_str());
SAPI_ASSERT_OK_AND_ASSIGN(success, SAPI_ASSERT_OK_AND_ASSIGN(
api_->c_write_multi_output_files( success, api_->c_write_multi_output_files(
output_.get(), out_file_var.PtrBefore(), false)); output_.get(), out_file_var.PtrBefore(), false));
break; break;
} }

28
oss-internship-2020/libarchive/examples/sapi_minitar.cc
View File

@ -106,7 +106,8 @@ absl::Status CreateArchive(const char* initial_filename, int compress,
filename_ptr = nullptr; filename_ptr = nullptr;
} }
SAPI_ASSIGN_OR_RETURN(rc, api.archive_write_open_filename( SAPI_ASSIGN_OR_RETURN(rc,
api.archive_write_open_filename(
&a, sapi::v::ConstCStr(filename_ptr).PtrBefore())); &a, sapi::v::ConstCStr(filename_ptr).PtrBefore()));
if (rc != ARCHIVE_OK) { if (rc != ARCHIVE_OK) {
return absl::FailedPreconditionError( return absl::FailedPreconditionError(
@ -160,8 +161,9 @@ absl::Status CreateArchive(const char* initial_filename, int compress,
} }
if (rc != ARCHIVE_OK) { if (rc != ARCHIVE_OK) {
SAPI_ASSIGN_OR_RETURN(msg, CheckStatusAndGetString( SAPI_ASSIGN_OR_RETURN(
api.archive_error_string(&disk), sandbox)); msg,
CheckStatusAndGetString(api.archive_error_string(&disk), sandbox));
return absl::FailedPreconditionError(msg); return absl::FailedPreconditionError(msg);
} }
@ -209,8 +211,9 @@ absl::Status CreateArchive(const char* initial_filename, int compress,
&entry, sapi::v::ConstCStr(path_name.c_str()).PtrBefore())); &entry, sapi::v::ConstCStr(path_name.c_str()).PtrBefore()));
if (verbose) { if (verbose) {
SAPI_ASSIGN_OR_RETURN(msg, CheckStatusAndGetString( SAPI_ASSIGN_OR_RETURN(
api.archive_entry_pathname(&entry), sandbox)); msg, CheckStatusAndGetString(api.archive_entry_pathname(&entry),
sandbox));
std::cout << msg << std::endl; std::cout << msg << std::endl;
} }
@ -256,8 +259,9 @@ absl::Status CreateArchive(const char* initial_filename, int compress,
sandbox.Call("read", &read_ret, &sapi_fd, buff.PtrNone(), &ssize)); sandbox.Call("read", &read_ret, &sapi_fd, buff.PtrNone(), &ssize));
while (read_ret.GetValue() > 0) { while (read_ret.GetValue() > 0) {
SAPI_ASSIGN_OR_RETURN(rc, api.archive_write_data(&a, buff.PtrNone(), SAPI_ASSIGN_OR_RETURN(
read_ret.GetValue())); rc,
api.archive_write_data(&a, buff.PtrNone(), read_ret.GetValue()));
SAPI_RETURN_IF_ERROR(sandbox.Call("read", &read_ret, &sapi_fd, SAPI_RETURN_IF_ERROR(sandbox.Call("read", &read_ret, &sapi_fd,
buff.PtrNone(), &ssize)); buff.PtrNone(), &ssize));
@ -426,8 +430,9 @@ absl::Status ExtractArchive(const char* filename, int do_extract, int flags,
} }
if (verbose || !do_extract) { if (verbose || !do_extract) {
SAPI_ASSIGN_OR_RETURN(msg, CheckStatusAndGetString( SAPI_ASSIGN_OR_RETURN(
api.archive_entry_pathname(&entry), sandbox)); msg,
CheckStatusAndGetString(api.archive_entry_pathname(&entry), sandbox));
std::cout << msg << std::endl; std::cout << msg << std::endl;
} }
@ -502,8 +507,9 @@ absl::StatusOr<int> CopyData(sapi::v::RemotePtr* ar, sapi::v::RemotePtr* aw,
sapi::v::RemotePtr buff(buff_ptr_tmp.GetValue()); sapi::v::RemotePtr buff(buff_ptr_tmp.GetValue());
SAPI_ASSIGN_OR_RETURN(rc, api.archive_write_data_block( SAPI_ASSIGN_OR_RETURN(
aw, &buff, size.GetValue(), offset.GetValue())); rc, api.archive_write_data_block(aw, &buff, size.GetValue(),
offset.GetValue()));
if (rc != ARCHIVE_OK) { if (rc != ARCHIVE_OK) {
SAPI_ASSIGN_OR_RETURN( SAPI_ASSIGN_OR_RETURN(

5
oss-internship-2020/libpng/examples/example1.cc
View File

@ -32,8 +32,9 @@ absl::Status LibPNGMain(const std::string& infile, const std::string& outfile) {
image.mutable_data()->version = PNG_IMAGE_VERSION; image.mutable_data()->version = PNG_IMAGE_VERSION;
SAPI_ASSIGN_OR_RETURN(int result, api.png_image_begin_read_from_file( SAPI_ASSIGN_OR_RETURN(
image.PtrBoth(), infile_var.PtrBefore())); int result, api.png_image_begin_read_from_file(image.PtrBoth(),
infile_var.PtrBefore()));
if (!result) { if (!result) {
return absl::InternalError( return absl::InternalError(
absl::StrCat("begin read error: ", image.mutable_data()->message)); absl::StrCat("begin read error: ", image.mutable_data()->message));

9
oss-internship-2020/libpng/examples/example2.cc
View File

@ -52,7 +52,8 @@ absl::StatusOr<Data> ReadPng(LibPNGApi& api, absl::string_view infile) {
} }
sapi::v::Array<char> header(8); sapi::v::Array<char> header(8);
SAPI_RETURN_IF_ERROR(api.png_fread(header.PtrBoth(), 1, header.GetSize(), &file)); SAPI_RETURN_IF_ERROR(
api.png_fread(header.PtrBoth(), 1, header.GetSize(), &file));
SAPI_ASSIGN_OR_RETURN(int return_value, SAPI_ASSIGN_OR_RETURN(int return_value,
api.png_sig_cmp(header.PtrBoth(), 0, header.GetSize())); api.png_sig_cmp(header.PtrBoth(), 0, header.GetSize()));
@ -87,7 +88,8 @@ absl::StatusOr<Data> ReadPng(LibPNGApi& api, absl::string_view infile) {
SAPI_RETURN_IF_ERROR(api.png_read_info(&struct_ptr, &info_ptr)); SAPI_RETURN_IF_ERROR(api.png_read_info(&struct_ptr, &info_ptr));
Data data; Data data;
SAPI_ASSIGN_OR_RETURN(data.width, api.png_get_image_width(&struct_ptr, &info_ptr)); SAPI_ASSIGN_OR_RETURN(data.width,
api.png_get_image_width(&struct_ptr, &info_ptr));
SAPI_ASSIGN_OR_RETURN(data.height, SAPI_ASSIGN_OR_RETURN(data.height,
api.png_get_image_height(&struct_ptr, &info_ptr)); api.png_get_image_height(&struct_ptr, &info_ptr));
@ -104,7 +106,8 @@ absl::StatusOr<Data> ReadPng(LibPNGApi& api, absl::string_view infile) {
SAPI_RETURN_IF_ERROR(api.png_read_update_info(&struct_ptr, &info_ptr)); SAPI_RETURN_IF_ERROR(api.png_read_update_info(&struct_ptr, &info_ptr));
SAPI_RETURN_IF_ERROR(api.png_setjmp(&struct_ptr)); SAPI_RETURN_IF_ERROR(api.png_setjmp(&struct_ptr));
SAPI_ASSIGN_OR_RETURN(data.rowbytes, api.png_get_rowbytes(&struct_ptr, &info_ptr)); SAPI_ASSIGN_OR_RETURN(data.rowbytes,
api.png_get_rowbytes(&struct_ptr, &info_ptr));
data.row_pointers = data.row_pointers =
std::make_unique<sapi::v::Array<uint8_t>>(data.height * data.rowbytes); std::make_unique<sapi::v::Array<uint8_t>>(data.height * data.rowbytes);

6
oss-internship-2020/libuv/examples/idle-basic.cc
View File

@ -46,7 +46,8 @@ absl::Status IdleBasic() {
// Get remote pointer to the IdleCallback method // Get remote pointer to the IdleCallback method
void* function_ptr; void* function_ptr;
SAPI_RETURN_IF_ERROR(sandbox.rpc_channel()->Symbol("IdleCallback", &function_ptr)); SAPI_RETURN_IF_ERROR(
sandbox.rpc_channel()->Symbol("IdleCallback", &function_ptr));
sapi::v::RemotePtr idle_callback(function_ptr); sapi::v::RemotePtr idle_callback(function_ptr);
// Allocate memory for the uv_idle_t object // Allocate memory for the uv_idle_t object
@ -69,7 +70,8 @@ absl::Status IdleBasic() {
} }
// Start idler // Start idler
SAPI_ASSIGN_OR_RETURN(return_code, api.sapi_uv_idle_start(&idler, &idle_callback)); SAPI_ASSIGN_OR_RETURN(return_code,
api.sapi_uv_idle_start(&idler, &idle_callback));
if (return_code != 0) { if (return_code != 0) {
return absl::UnavailableError("sapi_uv_idle_start returned error " + return absl::UnavailableError("sapi_uv_idle_start returned error " +
return_code); return_code);

7
oss-internship-2020/libuv/examples/uvcat.cc
View File

@ -61,7 +61,8 @@ absl::Status UVCat(std::string filearg) {
// Get remote pointer to the open_req variable // Get remote pointer to the open_req variable
void* open_req_voidptr; void* open_req_voidptr;
SAPI_RETURN_IF_ERROR(sandbox.rpc_channel()->Symbol("open_req", &open_req_voidptr)); SAPI_RETURN_IF_ERROR(
sandbox.rpc_channel()->Symbol("open_req", &open_req_voidptr));
sapi::v::RemotePtr open_req(open_req_voidptr); sapi::v::RemotePtr open_req(open_req_voidptr);
// Get default loop // Get default loop
@ -72,8 +73,8 @@ absl::Status UVCat(std::string filearg) {
// Open file using the OnOpen callback (which will also read and print it) // Open file using the OnOpen callback (which will also read and print it)
sapi::v::ConstCStr filename(filearg.c_str()); sapi::v::ConstCStr filename(filearg.c_str());
SAPI_ASSIGN_OR_RETURN(return_code, SAPI_ASSIGN_OR_RETURN(
api.sapi_uv_fs_open(&loop, &open_req, filename.PtrBefore(), return_code, api.sapi_uv_fs_open(&loop, &open_req, filename.PtrBefore(),
O_RDONLY, 0, &on_open)); O_RDONLY, 0, &on_open));
if (return_code != 0) { if (return_code != 0) {
return absl::UnavailableError("uv_fs_open returned error " + return_code); return absl::UnavailableError("uv_fs_open returned error " + return_code);

7
oss-internship-2020/libuv/tests/test_callback.cc
View File

@ -48,7 +48,8 @@ class UVTestCallback : public ::testing::Test {
// Check sapi_uv_timer_init // Check sapi_uv_timer_init
void UVTimerInit(sapi::v::Ptr* loop, sapi::v::Ptr* timer) { void UVTimerInit(sapi::v::Ptr* loop, sapi::v::Ptr* timer) {
SAPI_ASSERT_OK_AND_ASSIGN(int error_code, api_->sapi_uv_timer_init(loop, timer)); SAPI_ASSERT_OK_AND_ASSIGN(int error_code,
api_->sapi_uv_timer_init(loop, timer));
ASSERT_EQ(error_code, 0); ASSERT_EQ(error_code, 0);
} }
@ -63,8 +64,8 @@ class UVTestCallback : public ::testing::Test {
sapi::v::RemotePtr timer_cb(timer_cb_voidptr); sapi::v::RemotePtr timer_cb(timer_cb_voidptr);
// Set the timer's callback, timeout and repeat // Set the timer's callback, timeout and repeat
SAPI_ASSERT_OK_AND_ASSIGN(int error_code, SAPI_ASSERT_OK_AND_ASSIGN(
api_->sapi_uv_timer_start(timer, &timer_cb, 0, 0)); int error_code, api_->sapi_uv_timer_start(timer, &timer_cb, 0, 0));
ASSERT_EQ(error_code, 0); ASSERT_EQ(error_code, 0);
} }

4
oss-internship-2020/lodepng/examples/main_unit_test.cc
View File

@ -84,8 +84,8 @@ TEST(LodePngTest, EncodeDecodeOneStep) {
sapi::v::UInt sapi_width, sapi_height; sapi::v::UInt sapi_width, sapi_height;
sapi::v::IntBase<uint8_t*> sapi_image_ptr(0); sapi::v::IntBase<uint8_t*> sapi_image_ptr(0);
SAPI_ASSERT_OK_AND_ASSIGN(result, SAPI_ASSERT_OK_AND_ASSIGN(
api.lodepng_decode32_file( result, api.lodepng_decode32_file(
sapi_image_ptr.PtrBoth(), sapi_width.PtrBoth(), sapi_image_ptr.PtrBoth(), sapi_width.PtrBoth(),
sapi_height.PtrBoth(), sapi_filename.PtrBefore())); sapi_height.PtrBoth(), sapi_filename.PtrBefore()));

21
sandboxed_api/examples/stringop/main_stringop.cc
View File

@ -27,9 +27,9 @@
#include "sandboxed_api/examples/stringop/lib/stringop-sapi.sapi.h" #include "sandboxed_api/examples/stringop/lib/stringop-sapi.sapi.h"
#include "sandboxed_api/examples/stringop/lib/stringop_params.pb.h" #include "sandboxed_api/examples/stringop/lib/stringop_params.pb.h"
#include "sandboxed_api/transaction.h" #include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/status_matchers.h" #include "sandboxed_api/util/status_matchers.h"
#include "sandboxed_api/vars.h" #include "sandboxed_api/vars.h"
#include "sandboxed_api/util/status_macros.h"
using ::sapi::IsOk; using ::sapi::IsOk;
using ::testing::Eq; using ::testing::Eq;
@ -48,7 +48,8 @@ TEST(StringopTest, ProtobufStringDuplication) {
proto.set_input("Hello"); proto.set_input("Hello");
sapi::v::Proto<stringop::StringDuplication> pp(proto); sapi::v::Proto<stringop::StringDuplication> pp(proto);
{ {
SAPI_ASSIGN_OR_RETURN(int return_value, api.pb_duplicate_string(pp.PtrBoth())); SAPI_ASSIGN_OR_RETURN(int return_value,
api.pb_duplicate_string(pp.PtrBoth()));
TRANSACTION_FAIL_IF_NOT(return_value, "pb_duplicate_string() failed"); TRANSACTION_FAIL_IF_NOT(return_value, "pb_duplicate_string() failed");
} }
@ -69,7 +70,8 @@ TEST(StringopTest, ProtobufStringReversal) {
stringop::StringReverse proto; stringop::StringReverse proto;
proto.set_input("Hello"); proto.set_input("Hello");
sapi::v::Proto<stringop::StringReverse> pp(proto); sapi::v::Proto<stringop::StringReverse> pp(proto);
SAPI_ASSERT_OK_AND_ASSIGN(int return_value, api.pb_reverse_string(pp.PtrBoth())); SAPI_ASSERT_OK_AND_ASSIGN(int return_value,
api.pb_reverse_string(pp.PtrBoth()));
EXPECT_THAT(return_value, Ne(0)) << "pb_reverse_string() failed"; EXPECT_THAT(return_value, Ne(0)) << "pb_reverse_string() failed";
SAPI_ASSERT_OK_AND_ASSIGN(auto pb_result, pp.GetMessage()); SAPI_ASSERT_OK_AND_ASSIGN(auto pb_result, pp.GetMessage());
@ -83,7 +85,8 @@ TEST(StringopTest, RawStringDuplication) {
StringopApi api(&sandbox); StringopApi api(&sandbox);
sapi::v::LenVal param("0123456789", 10); sapi::v::LenVal param("0123456789", 10);
SAPI_ASSERT_OK_AND_ASSIGN(int return_value, api.duplicate_string(param.PtrBoth())); SAPI_ASSERT_OK_AND_ASSIGN(int return_value,
api.duplicate_string(param.PtrBoth()));
EXPECT_THAT(return_value, Eq(1)) << "duplicate_string() failed"; EXPECT_THAT(return_value, Eq(1)) << "duplicate_string() failed";
absl::string_view data(reinterpret_cast<const char*>(param.GetData()), absl::string_view data(reinterpret_cast<const char*>(param.GetData()),
@ -100,7 +103,8 @@ TEST(StringopTest, RawStringReversal) {
sapi::v::LenVal param("0123456789", 10); sapi::v::LenVal param("0123456789", 10);
{ {
SAPI_ASSERT_OK_AND_ASSIGN(int return_value, api.reverse_string(param.PtrBoth())); SAPI_ASSERT_OK_AND_ASSIGN(int return_value,
api.reverse_string(param.PtrBoth()));
EXPECT_THAT(return_value, Eq(1)) EXPECT_THAT(return_value, Eq(1))
<< "reverse_string() returned incorrect value"; << "reverse_string() returned incorrect value";
absl::string_view data(reinterpret_cast<const char*>(param.GetData()), absl::string_view data(reinterpret_cast<const char*>(param.GetData()),
@ -120,7 +124,8 @@ TEST(StringopTest, RawStringReversal) {
EXPECT_THAT(data, SizeIs(16)) << "Resize did not behave correctly"; EXPECT_THAT(data, SizeIs(16)) << "Resize did not behave correctly";
EXPECT_THAT(std::string(data), StrEq("9876543210ABCDEF")); EXPECT_THAT(std::string(data), StrEq("9876543210ABCDEF"));
SAPI_ASSERT_OK_AND_ASSIGN(int return_value, api.reverse_string(param.PtrBoth())); SAPI_ASSERT_OK_AND_ASSIGN(int return_value,
api.reverse_string(param.PtrBoth()));
EXPECT_THAT(return_value, Eq(1)) EXPECT_THAT(return_value, Eq(1))
<< "reverse_string() returned incorrect value"; << "reverse_string() returned incorrect value";
data = absl::string_view(reinterpret_cast<const char*>(param.GetData()), data = absl::string_view(reinterpret_cast<const char*>(param.GetData()),
@ -148,8 +153,8 @@ TEST(StringopTest, RawStringReading) {
sandbox.rpc_channel()->Strlen(target_mem_ptr)); sandbox.rpc_channel()->Strlen(target_mem_ptr));
EXPECT_THAT(len, Eq(10)); EXPECT_THAT(len, Eq(10));
SAPI_ASSERT_OK_AND_ASSIGN(std::string data, SAPI_ASSERT_OK_AND_ASSIGN(
sandbox.GetCString(sapi::v::RemotePtr(target_mem_ptr))); std::string data, sandbox.GetCString(sapi::v::RemotePtr(target_mem_ptr)));
EXPECT_THAT(data, StrEq("Ten chars.")); EXPECT_THAT(data, StrEq("Ten chars."));
} }

6
sandboxed_api/examples/sum/main_sum.cc
View File

@ -157,13 +157,15 @@ absl::Status SumTransaction::Main() {
char buffer[1024] = {0}; char buffer[1024] = {0};
sapi::v::Array<char> buf(buffer, sizeof(buffer)); sapi::v::Array<char> buf(buffer, sizeof(buffer));
sapi::v::UInt size(128); sapi::v::UInt size(128);
SAPI_RETURN_IF_ERROR(sandbox()->Call("read", &ret, &fd2, buf.PtrBoth(), &size)); SAPI_RETURN_IF_ERROR(
sandbox()->Call("read", &ret, &fd2, buf.PtrBoth(), &size));
LOG(INFO) << "Read from /proc/self/comm = [" << buffer << "]"; LOG(INFO) << "Read from /proc/self/comm = [" << buffer << "]";
// Close test. // Close test.
SAPI_RETURN_IF_ERROR(fd2.CloseRemoteFd(sandbox()->rpc_channel())); SAPI_RETURN_IF_ERROR(fd2.CloseRemoteFd(sandbox()->rpc_channel()));
memset(buffer, 0, sizeof(buffer)); memset(buffer, 0, sizeof(buffer));
SAPI_RETURN_IF_ERROR(sandbox()->Call("read", &ret, &fd2, buf.PtrBoth(), &size)); SAPI_RETURN_IF_ERROR(
sandbox()->Call("read", &ret, &fd2, buf.PtrBoth(), &size));
LOG(INFO) << "Read from closed /proc/self/comm = [" << buffer << "]"; LOG(INFO) << "Read from closed /proc/self/comm = [" << buffer << "]";
// Pass fd as function arg example. // Pass fd as function arg example.

2
sandboxed_api/sandbox2/BUILD.bazel
View File

@ -601,7 +601,7 @@ cc_library(
":util", ":util",
"//sandboxed_api/util:raw_logging", "//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:status", "//sandboxed_api/util:status",
"//sandboxed_api/util:status_proto", "//sandboxed_api/util:status_cc_proto",
"//sandboxed_api/util:strerror", "//sandboxed_api/util:strerror",
"@com_google_absl//absl/base:core_headers", "@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory", "@com_google_absl//absl/memory",

1
sandboxed_api/sandbox2/comms.cc
View File

@ -44,7 +44,6 @@
#include "sandboxed_api/util/raw_logging.h" #include "sandboxed_api/util/raw_logging.h"
#include "sandboxed_api/util/status.h" #include "sandboxed_api/util/status.h"
#include "sandboxed_api/util/strerror.h" #include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h"
#ifdef MEMORY_SANITIZER #ifdef MEMORY_SANITIZER
#include "base/dynamic_annotations.h" #include "base/dynamic_annotations.h"

2
sandboxed_api/sandbox2/comms.h
View File

@ -38,7 +38,7 @@
namespace proto2 { namespace proto2 {
class Message; class Message;
} } // namespace proto2
namespace sandbox2 { namespace sandbox2 {

2
sandboxed_api/sandbox2/examples/custom_fork/BUILD.bazel
View File

@ -31,9 +31,7 @@ cc_binary(
"//sandboxed_api/sandbox2:comms", "//sandboxed_api/sandbox2:comms",
"//sandboxed_api/sandbox2:forkserver", "//sandboxed_api/sandbox2:forkserver",
"//sandboxed_api/util:flags", "//sandboxed_api/util:flags",
"//sandboxed_api/util:raw_logging",
"//sandboxed_api/util:runfiles", "//sandboxed_api/util:runfiles",
"@com_google_absl//absl/base:core_headers",
"@com_google_absl//absl/memory", "@com_google_absl//absl/memory",
], ],
) )

2
sandboxed_api/sandbox2/examples/network_proxy/networkproxy_bin.cc
View File

@ -20,8 +20,8 @@
#include "sandboxed_api/sandbox2/comms.h" #include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/sandbox2/network_proxy/client.h" #include "sandboxed_api/sandbox2/network_proxy/client.h"
#include "sandboxed_api/util/fileops.h" #include "sandboxed_api/util/fileops.h"
#include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/strerror.h"
ABSL_FLAG(bool, connect_with_handler, true, "Connect using automatic mode."); ABSL_FLAG(bool, connect_with_handler, true, "Connect using automatic mode.");

9
sandboxed_api/sandbox2/ipc_test.cc
View File

@ -45,7 +45,8 @@ TEST(IPCTest, MapFDByNamePreExecve) {
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test")); Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test"));
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -76,7 +77,8 @@ TEST(IPCTest, MapFDByNamePostExecve) {
executor->set_enable_sandbox_before_exec(false); executor->set_enable_sandbox_before_exec(false);
Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test")); Comms comms(executor->ipc()->ReceiveFd(kPreferredIpcFd, "ipc_test"));
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -103,7 +105,8 @@ TEST(IPCTest, NoMappedFDsPreExecve) {
std::vector<std::string> args = {path, "3"}; std::vector<std::string> args = {path, "3"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()

15
sandboxed_api/sandbox2/limits_test.cc
View File

@ -44,7 +44,8 @@ TEST(LimitsTest, RLimitASMmapUnderLimit) {
auto executor = absl::make_unique<sandbox2::Executor>(path, args); auto executor = absl::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
sandbox2::PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -62,7 +63,8 @@ TEST(LimitsTest, RLimitASMmapAboveLimit) {
auto executor = absl::make_unique<sandbox2::Executor>(path, args); auto executor = absl::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
sandbox2::PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -80,7 +82,8 @@ TEST(LimitsTest, RLimitASAllocaSmallUnderLimit) {
auto executor = absl::make_unique<sandbox2::Executor>(path, args); auto executor = absl::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
sandbox2::PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -98,7 +101,8 @@ TEST(LimitsTest, RLimitASAllocaBigUnderLimit) {
auto executor = absl::make_unique<sandbox2::Executor>(path, args); auto executor = absl::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
sandbox2::PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -116,7 +120,8 @@ TEST(LimitsTest, RLimitASAllocaBigAboveLimit) {
auto executor = absl::make_unique<sandbox2::Executor>(path, args); auto executor = absl::make_unique<sandbox2::Executor>(path, args);
executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB executor->limits()->set_rlimit_as(100ULL << 20); // 100 MiB
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, sandbox2::PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
sandbox2::PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()

9
sandboxed_api/sandbox2/mounts.cc
View File

@ -39,8 +39,8 @@
#include "sandboxed_api/util/fileops.h" #include "sandboxed_api/util/fileops.h"
#include "sandboxed_api/util/path.h" #include "sandboxed_api/util/path.h"
#include "sandboxed_api/util/raw_logging.h" #include "sandboxed_api/util/raw_logging.h"
#include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/strerror.h"
namespace sandbox2 { namespace sandbox2 {
namespace { namespace {
@ -306,9 +306,10 @@ void LogContainer(const std::vector<std::string>& container) {
absl::Status Mounts::AddMappingsForBinary(const std::string& path, absl::Status Mounts::AddMappingsForBinary(const std::string& path,
absl::string_view ld_library_path) { absl::string_view ld_library_path) {
SAPI_ASSIGN_OR_RETURN(auto elf, ElfFile::ParseFromFile( SAPI_ASSIGN_OR_RETURN(
path, ElfFile::kGetInterpreter | auto elf,
ElfFile::kLoadImportedLibraries)); ElfFile::ParseFromFile(
path, ElfFile::kGetInterpreter | ElfFile::kLoadImportedLibraries));
const std::string& interpreter = elf.interpreter(); const std::string& interpreter = elf.interpreter();
if (interpreter.empty()) { if (interpreter.empty()) {

5
sandboxed_api/sandbox2/mounts_test.cc
View File

@ -111,8 +111,9 @@ TEST(MountTreeTest, TestMultipleInsertionFileSymlink) {
TEST(MountTreeTest, TestMultipleInsertionDirSymlink) { TEST(MountTreeTest, TestMultipleInsertionDirSymlink) {
Mounts mounts; Mounts mounts;
SAPI_ASSERT_OK_AND_ASSIGN(std::string path, CreateTempDir(file::JoinPath( SAPI_ASSERT_OK_AND_ASSIGN(
GetTestTempPath(), "testdir_"))); std::string path,
CreateTempDir(file::JoinPath(GetTestTempPath(), "testdir_")));
SAPI_ASSERT_OK_AND_ASSIGN(std::string symlink_path, SAPI_ASSERT_OK_AND_ASSIGN(std::string symlink_path,
CreateNamedTempFileAndClose( CreateNamedTempFileAndClose(
file::JoinPath(GetTestTempPath(), "testdir_"))); file::JoinPath(GetTestTempPath(), "testdir_")));

36
sandboxed_api/sandbox2/namespace_test.cc
View File

@ -53,7 +53,8 @@ TEST(NamespaceTest, FileNamespaceWorks) {
const std::string path = GetTestSourcePath("sandbox2/testcases/namespace"); const std::string path = GetTestSourcePath("sandbox2/testcases/namespace");
std::vector<std::string> args = {path, "0", "/binary_path", "/etc/passwd"}; std::vector<std::string> args = {path, "0", "/binary_path", "/etc/passwd"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.AddFileAt(path, "/binary_path") .AddFileAt(path, "/binary_path")
@ -76,7 +77,8 @@ TEST(NamespaceTest, ReadOnlyIsRespected) {
// First check that it is readable // First check that it is readable
std::vector<std::string> args = {path, "0", "/temp_file"}; std::vector<std::string> args = {path, "0", "/temp_file"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.AddFileAt(name, "/temp_file") .AddFileAt(name, "/temp_file")
@ -92,7 +94,8 @@ TEST(NamespaceTest, ReadOnlyIsRespected) {
// Then check that it is not writeable // Then check that it is not writeable
std::vector<std::string> args = {path, "1", "/temp_file"}; std::vector<std::string> args = {path, "1", "/temp_file"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.AddFileAt(name, "/temp_file") .AddFileAt(name, "/temp_file")
@ -112,7 +115,8 @@ TEST(NamespaceTest, UserNamespaceWorks) {
std::vector<std::string> args = {path, "2"}; std::vector<std::string> args = {path, "2"};
{ {
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.TryBuild()); .TryBuild());
@ -127,7 +131,8 @@ TEST(NamespaceTest, UserNamespaceWorks) {
// Validate that getpid() does not return 2 when outside of an pid NS. // Validate that getpid() does not return 2 when outside of an pid NS.
{ {
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -148,7 +153,8 @@ TEST(NamespaceTest, UserNamespaceIDMapWritten) {
{ {
std::vector<std::string> args = {path, "3", "1000", "1000"}; std::vector<std::string> args = {path, "3", "1000", "1000"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.TryBuild()); .TryBuild());
@ -166,7 +172,8 @@ TEST(NamespaceTest, UserNamespaceIDMapWritten) {
const std::string gid = absl::StrCat(getgid()); const std::string gid = absl::StrCat(getgid());
std::vector<std::string> args = {path, "3", uid, gid}; std::vector<std::string> args = {path, "3", uid, gid};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -186,7 +193,8 @@ TEST(NamespaceTest, RootReadOnly) {
const std::string path = GetTestSourcePath("sandbox2/testcases/namespace"); const std::string path = GetTestSourcePath("sandbox2/testcases/namespace");
std::vector<std::string> args = {path, "4", "/tmp/testfile", "/testfile"}; std::vector<std::string> args = {path, "4", "/tmp/testfile", "/testfile"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.AddTmpfs("/tmp") .AddTmpfs("/tmp")
@ -204,7 +212,8 @@ TEST(NamespaceTest, RootWritable) {
const std::string path = GetTestSourcePath("sandbox2/testcases/namespace"); const std::string path = GetTestSourcePath("sandbox2/testcases/namespace");
std::vector<std::string> args = {path, "4", "/testfile"}; std::vector<std::string> args = {path, "4", "/testfile"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.SetRootWritable() .SetRootWritable()
@ -233,7 +242,8 @@ class HostnameTest : public testing::Test {
}; };
TEST_F(HostnameTest, None) { TEST_F(HostnameTest, None) {
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -243,7 +253,8 @@ TEST_F(HostnameTest, None) {
} }
TEST_F(HostnameTest, Default) { TEST_F(HostnameTest, Default) {
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.TryBuild()); .TryBuild());
@ -252,7 +263,8 @@ TEST_F(HostnameTest, Default) {
} }
TEST_F(HostnameTest, Configured) { TEST_F(HostnameTest, Configured) {
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all // Don't restrict the syscalls at all
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.SetHostname("configured") .SetHostname("configured")

2
sandboxed_api/sandbox2/network_proxy/client.cc
View File

@ -28,8 +28,8 @@
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/strerror.h"
namespace sandbox2 { namespace sandbox2 {

2
sandboxed_api/sandbox2/network_proxy/filtering.cc
View File

@ -22,8 +22,8 @@
#include "absl/strings/numbers.h" #include "absl/strings/numbers.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/str_split.h" #include "absl/strings/str_split.h"
#include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/strerror.h"
namespace sandbox2 { namespace sandbox2 {

30
sandboxed_api/sandbox2/policybuilder_test.cc
View File

@ -24,6 +24,7 @@
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "gtest/gtest.h" #include "gtest/gtest.h"
#include "absl/memory/memory.h" #include "absl/memory/memory.h"
#include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "absl/strings/match.h" #include "absl/strings/match.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
@ -36,19 +37,6 @@
#include "sandboxed_api/sandbox2/util/bpf_helper.h" #include "sandboxed_api/sandbox2/util/bpf_helper.h"
#include "sandboxed_api/testing.h" #include "sandboxed_api/testing.h"
#include "sandboxed_api/util/status_matchers.h" #include "sandboxed_api/util/status_matchers.h"
#include "absl/status/status.h"
using ::sapi::GetTestSourcePath;
using ::testing::AllOf;
using ::testing::AnyOf;
using ::testing::Eq;
using ::testing::Gt;
using ::testing::HasSubstr;
using ::testing::Lt;
using ::testing::NotNull;
using ::testing::StartsWith;
using ::testing::StrEq;
using ::sapi::StatusIs;
namespace sandbox2 { namespace sandbox2 {
@ -69,6 +57,18 @@ class PolicyBuilderPeer {
namespace { namespace {
using ::sapi::GetTestSourcePath;
using ::testing::AllOf;
using ::testing::AnyOf;
using ::testing::Eq;
using ::testing::Gt;
using ::testing::HasSubstr;
using ::testing::Lt;
using ::testing::NotNull;
using ::testing::StartsWith;
using ::testing::StrEq;
using ::sapi::StatusIs;
class PolicyBuilderTest : public testing::Test { class PolicyBuilderTest : public testing::Test {
protected: protected:
static std::string Run(std::vector<std::string> args, bool network = false); static std::string Run(std::vector<std::string> args, bool network = false);
@ -149,8 +149,8 @@ TEST_F(PolicyBuilderTest, TestValidateAbsolutePath) {
for (auto const& good_path : for (auto const& good_path :
{"/", "/a/b/c/d", "/a/b/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}) { {"/", "/a/b/c/d", "/a/b/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}) {
SAPI_ASSERT_OK_AND_ASSIGN(std::string path, SAPI_ASSERT_OK_AND_ASSIGN(
PolicyBuilderPeer::ValidateAbsolutePath(good_path)); std::string path, PolicyBuilderPeer::ValidateAbsolutePath(good_path));
EXPECT_THAT(path, StrEq(good_path)); EXPECT_THAT(path, StrEq(good_path));
} }
} }

22
sandboxed_api/sandbox2/sandbox2_test.cc
View File

@ -55,7 +55,8 @@ TEST(SandboxCoreDumpTest, AbortWithoutCoreDumpReturnsSignaled) {
}; };
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -77,7 +78,8 @@ TEST(TsyncTest, TsyncNoMemoryChecks) {
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
executor->set_enable_sandbox_before_exec(false); executor->set_enable_sandbox_before_exec(false);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -104,7 +106,8 @@ TEST(ExecutorTest, ExecutorFdConstructor) {
std::vector<std::string> envs; std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(fd, args, envs); auto executor = absl::make_unique<Executor>(fd, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
@ -124,7 +127,8 @@ TEST(RunAsyncTest, SandboxeeExternalKill) {
std::vector<std::string> envs; std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs); auto executor = absl::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.TryBuild()); .TryBuild());
@ -146,7 +150,8 @@ TEST(RunAsyncTest, SandboxeeTimeoutWithStacktraces) {
std::vector<std::string> envs; std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs); auto executor = absl::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.TryBuild()); .TryBuild());
@ -166,7 +171,8 @@ TEST(RunAsyncTest, SandboxeeTimeoutDisabledStacktraces) {
std::vector<std::string> envs; std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs); auto executor = absl::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.CollectStacktracesOnTimeout(false) .CollectStacktracesOnTimeout(false)
@ -187,8 +193,8 @@ TEST(RunAsyncTest, SandboxeeViolationDisabledStacktraces) {
std::vector<std::string> envs; std::vector<std::string> envs;
auto executor = absl::make_unique<Executor>(path, args, envs); auto executor = absl::make_unique<Executor>(path, args, envs);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, SAPI_ASSERT_OK_AND_ASSIGN(
PolicyBuilder() auto policy, PolicyBuilder()
// Don't allow anything - Make sure that we'll crash. // Don't allow anything - Make sure that we'll crash.
.CollectStacktracesOnViolation(false) .CollectStacktracesOnViolation(false)
.TryBuild()); .TryBuild());

3
sandboxed_api/sandbox2/sanitizer_test.cc
View File

@ -120,7 +120,8 @@ TEST(SanitizerTest, TestSandboxedBinary) {
}; };
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder() SAPI_ASSERT_OK_AND_ASSIGN(auto policy,
PolicyBuilder()
.DisableNamespaces() .DisableNamespaces()
// Don't restrict the syscalls at all. // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()

4
sandboxed_api/sandbox2/stack_trace_test.cc
View File

@ -181,8 +181,8 @@ TEST(StackTraceTest, SymbolizationTrustedFilesOnly) {
const std::string path = GetTestSourcePath("sandbox2/testcases/symbolize"); const std::string path = GetTestSourcePath("sandbox2/testcases/symbolize");
std::vector<std::string> args = {path, "2"}; std::vector<std::string> args = {path, "2"};
auto executor = absl::make_unique<Executor>(path, args); auto executor = absl::make_unique<Executor>(path, args);
SAPI_ASSERT_OK_AND_ASSIGN(auto policy, PolicyBuilder{} SAPI_ASSERT_OK_AND_ASSIGN(
// Don't restrict the syscalls at all. auto policy, PolicyBuilder{} // Don't restrict the syscalls at all.
.DangerDefaultAllowAll() .DangerDefaultAllowAll()
.AddFile(path) .AddFile(path)
.AddLibrariesForBinary(path) .AddLibrariesForBinary(path)

8
sandboxed_api/sandbox2/util/minielf.cc
View File

@ -27,8 +27,8 @@
#include "sandboxed_api/config.h" #include "sandboxed_api/config.h"
#include "sandboxed_api/sandbox2/util.h" #include "sandboxed_api/sandbox2/util.h"
#include "sandboxed_api/util/raw_logging.h" #include "sandboxed_api/util/raw_logging.h"
#include "sandboxed_api/util/strerror.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/util/strerror.h"
namespace host_cpu = ::sapi::host_cpu; namespace host_cpu = ::sapi::host_cpu;
using ::sapi::StrError; using ::sapi::StrError;
@ -370,7 +370,8 @@ absl::Status ElfParser::ReadSymbolsFromSymtab(const ElfShdr& symtab) {
absl::StrCat("invalid symtab's strtab reference: ", symtab.sh_link)); absl::StrCat("invalid symtab's strtab reference: ", symtab.sh_link));
} }
SAPI_RAW_VLOG(1, "Symbol table with %zu entries found", symbol_entries); SAPI_RAW_VLOG(1, "Symbol table with %zu entries found", symbol_entries);
SAPI_ASSIGN_OR_RETURN(std::string strtab, ReadSectionContents(symtab.sh_link)); SAPI_ASSIGN_OR_RETURN(std::string strtab,
ReadSectionContents(symtab.sh_link));
SAPI_ASSIGN_OR_RETURN(std::string symbols, ReadSectionContents(symtab)); SAPI_ASSIGN_OR_RETURN(std::string symbols, ReadSectionContents(symtab));
result_.symbols_.reserve(result_.symbols_.size() + symbol_entries); result_.symbols_.reserve(result_.symbols_.size() + symbol_entries);
for (absl::string_view src = symbols; !src.empty(); for (absl::string_view src = symbols; !src.empty();
@ -441,7 +442,8 @@ absl::Status ElfParser::ReadImportedLibrariesFromDynamic(
absl::StrCat("symtab's strtab too big: ", strtab_section.sh_size)); absl::StrCat("symtab's strtab too big: ", strtab_section.sh_size));
} }
auto strtab_end = strtab_section.sh_offset + strtab_section.sh_size; auto strtab_end = strtab_section.sh_offset + strtab_section.sh_size;
SAPI_ASSIGN_OR_RETURN(std::string dynamic_entries, ReadSectionContents(dynamic)); SAPI_ASSIGN_OR_RETURN(std::string dynamic_entries,
ReadSectionContents(dynamic));
for (absl::string_view src = dynamic_entries; !src.empty(); for (absl::string_view src = dynamic_entries; !src.empty();
src = src.substr(dynamic.sh_entsize)) { src = src.substr(dynamic.sh_entsize)) {
ElfDyn dyn; ElfDyn dyn;

3
sandboxed_api/sandbox2/util/minielf_test.cc
View File

@ -61,7 +61,8 @@ TEST(MinielfTest, SymbolResolutionWorks) {
ASSERT_THAT( ASSERT_THAT(
file::GetContents("/proc/self/maps", &maps_buffer, file::Defaults()), file::GetContents("/proc/self/maps", &maps_buffer, file::Defaults()),
IsOk()); IsOk());
SAPI_ASSERT_OK_AND_ASSIGN(std::vector<MapsEntry> maps, ParseProcMaps(maps_buffer)); SAPI_ASSERT_OK_AND_ASSIGN(std::vector<MapsEntry> maps,
ParseProcMaps(maps_buffer));
// Find maps entry that covers this entry. // Find maps entry that covers this entry.
uint64_t function_address = reinterpret_cast<uint64_t>(ExportedFunctionName); uint64_t function_address = reinterpret_cast<uint64_t>(ExportedFunctionName);

9
sandboxed_api/tools/clang_generator/emitter.cc
View File

@ -54,8 +54,8 @@ constexpr absl::string_view kHeaderProlog =
#include "absl/status/status.h" #include "absl/status/status.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "sandboxed_api/sandbox.h" #include "sandboxed_api/sandbox.h"
#include "sandboxed_api/vars.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/vars.h"
)"; )";
constexpr absl::string_view kHeaderEpilog = constexpr absl::string_view kHeaderEpilog =
@ -299,8 +299,8 @@ absl::StatusOr<std::string> EmitFunction(const clang::FunctionDecl* decl) {
");\n"); ");\n");
} }
} }
absl::StrAppend(&out, "\nSAPI_RETURN_IF_ERROR(sandbox_->Call(\"", function_name, absl::StrAppend(&out, "\nSAPI_RETURN_IF_ERROR(sandbox_->Call(\"",
"\", &v_ret_"); function_name, "\", &v_ret_");
for (const auto& [qual, name] : params) { for (const auto& [qual, name] : params) {
absl::StrAppend(&out, ", ", IsPointerOrReference(qual) ? "" : "&v_", name); absl::StrAppend(&out, ", ", IsPointerOrReference(qual) ? "" : "&v_", name);
} }
@ -412,7 +412,8 @@ void Emitter::CollectFunction(clang::FunctionDecl* decl) {
absl::StatusOr<std::string> Emitter::EmitHeader( absl::StatusOr<std::string> Emitter::EmitHeader(
const GeneratorOptions& options) { const GeneratorOptions& options) {
SAPI_ASSIGN_OR_RETURN(const std::string header, SAPI_ASSIGN_OR_RETURN(
const std::string header,
::sapi::EmitHeader(functions_, rendered_types_, options)); ::sapi::EmitHeader(functions_, rendered_types_, options));
return internal::ReformatGoogleStyle(options.out_file, header); return internal::ReformatGoogleStyle(options.out_file, header);
} }

4
sandboxed_api/transaction.cc
View File

@ -13,6 +13,7 @@
// limitations under the License. // limitations under the License.
#include "sandboxed_api/transaction.h" #include "sandboxed_api/transaction.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
namespace sapi { namespace sapi {
@ -26,7 +27,8 @@ absl::Status TransactionBase::RunTransactionFunctionInSandbox(
// Set the wall-time limit for this transaction run, and clean it up // Set the wall-time limit for this transaction run, and clean it up
// afterwards, no matter what the result. // afterwards, no matter what the result.
SAPI_RETURN_IF_ERROR(sandbox_->SetWallTimeLimit(absl::Seconds(GetTimeLimit()))); SAPI_RETURN_IF_ERROR(
sandbox_->SetWallTimeLimit(absl::Seconds(GetTimeLimit())));
struct TimeCleanup { struct TimeCleanup {
~TimeCleanup() { ~TimeCleanup() {
capture->sandbox_->SetWallTimeLimit(absl::ZeroDuration()).IgnoreError(); capture->sandbox_->SetWallTimeLimit(absl::ZeroDuration()).IgnoreError();

1
sandboxed_api/transaction.h
View File

@ -22,7 +22,6 @@
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/time/time.h" #include "absl/time/time.h"
#include "sandboxed_api/sandbox.h" #include "sandboxed_api/sandbox.h"
#include "sandboxed_api/util/status_macros.h"
#define TRANSACTION_FAIL_IF_NOT(x, y) \ #define TRANSACTION_FAIL_IF_NOT(x, y) \
if (!(x)) { \ if (!(x)) { \

2
sandboxed_api/var_abstract.cc
View File

@ -19,9 +19,9 @@
#include <sys/uio.h> #include <sys/uio.h>
#include <glog/logging.h> #include <glog/logging.h>
#include "sandboxed_api/sandbox2/comms.h"
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"
namespace sapi::v { namespace sapi::v {

2
sandboxed_api/var_array.h
View File

@ -25,10 +25,10 @@
#include "absl/strings/str_cat.h" #include "absl/strings/str_cat.h"
#include "absl/strings/string_view.h" #include "absl/strings/string_view.h"
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/var_abstract.h" #include "sandboxed_api/var_abstract.h"
#include "sandboxed_api/var_pointable.h" #include "sandboxed_api/var_pointable.h"
#include "sandboxed_api/var_ptr.h" #include "sandboxed_api/var_ptr.h"
#include "sandboxed_api/util/status_macros.h"
namespace sapi::v { namespace sapi::v {

1
sandboxed_api/var_int.cc
View File

@ -13,6 +13,7 @@
// limitations under the License. // limitations under the License.
#include "sandboxed_api/var_int.h" #include "sandboxed_api/var_int.h"
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include "sandboxed_api/util/status_macros.h" #include "sandboxed_api/util/status_macros.h"

5
sandboxed_api/var_lenval.cc
View File

@ -12,15 +12,14 @@
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
// Implementation of sapi::v::LenVal.
#include "sandboxed_api/var_lenval.h" #include "sandboxed_api/var_lenval.h"
#include <sys/uio.h> #include <sys/uio.h>
#include <glog/logging.h> #include <glog/logging.h>
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/rpcchannel.h" #include "sandboxed_api/rpcchannel.h"
#include "sandboxed_api/sandbox2/comms.h"
#include "sandboxed_api/util/status_macros.h"
namespace sapi::v { namespace sapi::v {

2
sandboxed_api/var_proto.h
View File

@ -25,10 +25,10 @@
#include "absl/memory/memory.h" #include "absl/memory/memory.h"
#include "absl/status/statusor.h" #include "absl/status/statusor.h"
#include "sandboxed_api/proto_helper.h" #include "sandboxed_api/proto_helper.h"
#include "sandboxed_api/util/status_macros.h"
#include "sandboxed_api/var_lenval.h" #include "sandboxed_api/var_lenval.h"
#include "sandboxed_api/var_pointable.h" #include "sandboxed_api/var_pointable.h"
#include "sandboxed_api/var_ptr.h" #include "sandboxed_api/var_ptr.h"
#include "sandboxed_api/util/status_macros.h"
namespace sapi::v { namespace sapi::v {