Use proper return code for static_sandbox example

Also bump FSIZE limit to make it less likely to fail. PiperOrigin-RevId: 268857718 Change-Id: I955ed4a10d8a49585ae330ab668a0bd891bb6ed6
2024-03-22 13:11:30 +08:00 · 2019-09-13 01:22:14 -07:00 · 2019-09-13 01:22:14 -07:00 · d6ca9d9564
commit d6ca9d9564
parent 2e22b13b39
1 changed files with 10 additions and 2 deletions
--- a/sandboxed_api/sandbox2/examples/static/static_sandbox.cc
+++ b/sandboxed_api/sandbox2/examples/static/static_sandbox.cc
@ -97,6 +97,13 @@ std::unique_ptr<sandbox2::Policy> GetPolicy() {
 }

 int main(int argc, char** argv) {
+  // This test is incompatible with sanitizers.
+  // The `SKIP_SANITIZERS_AND_COVERAGE` macro won't work for us here since we
+  // need to return something.
+#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
+    defined(THREAD_SANITIZER)
+  return EXIT_SUCCESS;
+#endif
  gflags::ParseCommandLineFlags(&argc, &argv, true);
  google::InitGoogleLogging(argv[0]);

@ -116,7 +123,7 @@ int main(int argc, char** argv) {
      ->set_rlimit_as(RLIM64_INFINITY)
      // Kill sandboxed processes with a signal (SIGXFSZ) if it writes more than
      // these many bytes to the file-system.
-      .set_rlimit_fsize(1024)
+      .set_rlimit_fsize(1024 * 1024)
      // The CPU time limit.
      .set_rlimit_cpu(60)
      .set_walltime_limit(absl::Seconds(30));
@ -135,5 +142,6 @@ int main(int argc, char** argv) {

  LOG(INFO) << "Final execution status: " << result.ToString();

-  return EXIT_SUCCESS;
+  return result.final_status() == sandbox2::Result::OK ? EXIT_SUCCESS
+                                                       : EXIT_FAILURE;
 }