diff --git a/sandboxed_api/embed_file.h b/sandboxed_api/embed_file.h index b65dfaa..745387a 100644 --- a/sandboxed_api/embed_file.h +++ b/sandboxed_api/embed_file.h @@ -15,7 +15,6 @@ #ifndef SANDBOXED_API_EMBED_FILE_H_ #define SANDBOXED_API_EMBED_FILE_H_ -#include #include #include "sandboxed_api/file_toc.h" diff --git a/sandboxed_api/examples/stringop/lib/stringop.cc b/sandboxed_api/examples/stringop/lib/stringop.cc index 382d80a..67e15f5 100644 --- a/sandboxed_api/examples/stringop/lib/stringop.cc +++ b/sandboxed_api/examples/stringop/lib/stringop.cc @@ -50,7 +50,7 @@ extern "C" int reverse_string(sapi::LenValStruct* input) { // Free old value. free(input->data); - // Replace pointer to our new std::string. + // Replace pointer to our new string. input->data = new_buf; return 1; } diff --git a/sandboxed_api/sandbox.h b/sandboxed_api/sandbox.h index f1a8bd7..33a3639 100644 --- a/sandboxed_api/sandbox.h +++ b/sandboxed_api/sandbox.h @@ -16,6 +16,7 @@ #define SANDBOXED_API_SANDBOX_H_ #include +#include #include #include "sandboxed_api/file_toc.h" @@ -71,7 +72,8 @@ class Sandbox { // Makes a call to the sandboxee. template - ::sapi::Status Call(const std::string& func, v::Callable* ret, Args&&... args) { + ::sapi::Status Call(const std::string& func, v::Callable* ret, + Args&&... args) { static_assert(sizeof...(Args) <= FuncCall::kArgsMax, "Too many arguments to sapi::Sandbox::Call()"); return Call(func, ret, {std::forward(args)...}); diff --git a/sandboxed_api/sandbox2/comms.cc b/sandboxed_api/sandbox2/comms.cc index 1add4a2..d88412f 100644 --- a/sandboxed_api/sandbox2/comms.cc +++ b/sandboxed_api/sandbox2/comms.cc @@ -500,7 +500,7 @@ socklen_t Comms::CreateSockaddrUn(sockaddr_un* sun) { bzero(sun->sun_path, sizeof(sun->sun_path)); // Create an 'abstract socket address' by specifying a leading null byte. The // remainder of the path is used as a unique name, but no file is created on - // the filesystem. No need to NUL-terminate the std::string. + // the filesystem. No need to NUL-terminate the string. // See `man 7 unix` for further explanation. strncpy(&sun->sun_path[1], socket_name_.c_str(), sizeof(sun->sun_path) - 1); diff --git a/sandboxed_api/sandbox2/docs/getting-started.md b/sandboxed_api/sandbox2/docs/getting-started.md index f44ea16..82912cd 100644 --- a/sandboxed_api/sandbox2/docs/getting-started.md +++ b/sandboxed_api/sandbox2/docs/getting-started.md @@ -23,9 +23,9 @@ This is the simplest and safest way to use sandboxing. For examples see #include "sandboxed_api/sandbox2/executor.h" std::string path = "path/to/binary"; -std::vector args = {path}; // args[0] will become the sandboxed - // process' argv[0], typically the path - // to the binary. +std::vector args = {path}; // args[0] will become the sandboxed + // process' argv[0], typically the + // path to the binary. auto executor = absl::make_unique(path, args); ``` diff --git a/sandboxed_api/sandbox2/executor.h b/sandboxed_api/sandbox2/executor.h index f4d1122..e3515b4 100644 --- a/sandboxed_api/sandbox2/executor.h +++ b/sandboxed_api/sandbox2/executor.h @@ -105,9 +105,11 @@ class Executor final { /*fork_client=*/nullptr) {} // Delegate constructor that gets called by the public ones. - Executor(int exec_fd, const std::string& path, const std::vector& argv, - const std::vector& envp, bool enable_sandboxing_pre_execve, - pid_t libunwind_sbox_for_pid, ForkClient* fork_client); + Executor(int exec_fd, const std::string& path, + const std::vector& argv, + const std::vector& envp, + bool enable_sandboxing_pre_execve, pid_t libunwind_sbox_for_pid, + ForkClient* fork_client); // Creates a copy of the environment static std::vector CopyEnviron(); diff --git a/sandboxed_api/sandbox2/forkserver.h b/sandboxed_api/sandbox2/forkserver.h index 635e6a7..22a3cb9 100644 --- a/sandboxed_api/sandbox2/forkserver.h +++ b/sandboxed_api/sandbox2/forkserver.h @@ -19,6 +19,7 @@ #define SANDBOXED_API_SANDBOX2_FORKSERVER_H_ #include + #include #include diff --git a/sandboxed_api/sandbox2/monitor.cc b/sandboxed_api/sandbox2/monitor.cc index d3339df..f48e91f 100644 --- a/sandboxed_api/sandbox2/monitor.cc +++ b/sandboxed_api/sandbox2/monitor.cc @@ -93,7 +93,8 @@ Monitor::Monitor(Executor* executor, Policy* policy, Notify* notify) setup_counter_(new absl::BlockingCounter(1)), done_(false), wait_for_execve_(executor->enable_sandboxing_pre_execve_) { - std::string path = absl::GetFlag(FLAGS_sandbox2_danger_danger_permit_all_and_log); + std::string path = + absl::GetFlag(FLAGS_sandbox2_danger_danger_permit_all_and_log); if (!path.empty()) { log_file_ = std::fopen(path.c_str(), "a+"); PCHECK(log_file_ != nullptr) << "Failed to open log file '" << path << "'"; diff --git a/sandboxed_api/sandbox2/mounts.cc b/sandboxed_api/sandbox2/mounts.cc index bb23290..0e11625 100644 --- a/sandboxed_api/sandbox2/mounts.cc +++ b/sandboxed_api/sandbox2/mounts.cc @@ -192,7 +192,7 @@ std::string GetPlatform(absl::string_view interpreter) { auto split = file::SplitPath(fixed_path); absl::string_view cur = split.first; - std::string final_part = std::string(split.second); + auto final_part = std::string(split.second); while (cur != "/") { auto split = file::SplitPath(cur); diff --git a/sandboxed_api/sandbox2/mounts_test.cc b/sandboxed_api/sandbox2/mounts_test.cc index f928c95..cefb670 100644 --- a/sandboxed_api/sandbox2/mounts_test.cc +++ b/sandboxed_api/sandbox2/mounts_test.cc @@ -29,7 +29,6 @@ using sapi::IsOk; using sapi::StatusIs; using ::testing::Eq; -using ::testing::StrEq; namespace sandbox2 { namespace { diff --git a/sandboxed_api/sandbox2/namespace.cc b/sandboxed_api/sandbox2/namespace.cc index d36d740..dd831ae 100644 --- a/sandboxed_api/sandbox2/namespace.cc +++ b/sandboxed_api/sandbox2/namespace.cc @@ -29,7 +29,6 @@ #include #include -#include #include #include "absl/strings/str_cat.h" diff --git a/sandboxed_api/sandbox2/namespace.h b/sandboxed_api/sandbox2/namespace.h index 811d2ba..de49cf1 100644 --- a/sandboxed_api/sandbox2/namespace.h +++ b/sandboxed_api/sandbox2/namespace.h @@ -22,6 +22,7 @@ #include #include +#include #include "absl/base/macros.h" #include "sandboxed_api/sandbox2/mounts.h" @@ -40,7 +41,8 @@ class Namespace final { Namespace(const Namespace&) = delete; Namespace& operator=(const Namespace&) = delete; - Namespace(bool allow_unrestricted_networking, Mounts mounts, std::string hostname); + Namespace(bool allow_unrestricted_networking, Mounts mounts, + std::string hostname); void DisableUserNamespace(); diff --git a/sandboxed_api/sandbox2/policy_test.cc b/sandboxed_api/sandbox2/policy_test.cc index c421197..b27be97 100644 --- a/sandboxed_api/sandbox2/policy_test.cc +++ b/sandboxed_api/sandbox2/policy_test.cc @@ -186,7 +186,8 @@ TEST(MinimalTest, MinimalBinaryWorks) { // Test that we can sandbox a minimal non-static binary returning 0. TEST(MinimalTest, MinimalSharedBinaryWorks) { SKIP_SANITIZERS_AND_COVERAGE; - const std::string path = GetTestSourcePath("sandbox2/testcases/minimal_dynamic"); + const std::string path = + GetTestSourcePath("sandbox2/testcases/minimal_dynamic"); std::vector args = {path}; auto executor = absl::make_unique(path, args); @@ -212,7 +213,8 @@ TEST(MinimalTest, MinimalSharedBinaryWorks) { // Test that the AllowSystemMalloc helper works as expected. TEST(MallocTest, SystemMallocWorks) { SKIP_SANITIZERS_AND_COVERAGE; - const std::string path = GetTestSourcePath("sandbox2/testcases/malloc_system"); + const std::string path = + GetTestSourcePath("sandbox2/testcases/malloc_system"); std::vector args = {path}; auto executor = absl::make_unique(path, args); diff --git a/sandboxed_api/sandbox2/policybuilder.cc b/sandboxed_api/sandbox2/policybuilder.cc index 3ea38f7..98a6388 100644 --- a/sandboxed_api/sandbox2/policybuilder.cc +++ b/sandboxed_api/sandbox2/policybuilder.cc @@ -624,7 +624,8 @@ PolicyBuilder& PolicyBuilder::DangerDefaultAllowAll() { return ValidatePath(path); } -::sapi::StatusOr PolicyBuilder::ValidatePath(absl::string_view path) { +::sapi::StatusOr PolicyBuilder::ValidatePath( + absl::string_view path) { std::string fixed_path = file::CleanPath(path); if (fixed_path != path) { return ::sapi::InvalidArgumentError(absl::StrCat( diff --git a/sandboxed_api/sandbox2/policybuilder.h b/sandboxed_api/sandbox2/policybuilder.h index 49e16be..5d31f05 100644 --- a/sandboxed_api/sandbox2/policybuilder.h +++ b/sandboxed_api/sandbox2/policybuilder.h @@ -487,7 +487,8 @@ class PolicyBuilder final { std::vector ResolveBpfFunc(BpfFunc f); - static ::sapi::StatusOr ValidateAbsolutePath(absl::string_view path); + static ::sapi::StatusOr ValidateAbsolutePath( + absl::string_view path); static ::sapi::StatusOr ValidatePath(absl::string_view path); void StoreDescription(PolicyBuilderDescription* pb_description); diff --git a/sandboxed_api/sandbox2/policybuilder_test.cc b/sandboxed_api/sandbox2/policybuilder_test.cc index e201ec6..1318b7c 100644 --- a/sandboxed_api/sandbox2/policybuilder_test.cc +++ b/sandboxed_api/sandbox2/policybuilder_test.cc @@ -17,6 +17,7 @@ #include #include +#include #include #include @@ -56,7 +57,8 @@ class PolicyBuilderPeer { int policy_size() const { return builder_->output_->user_policy_.size(); } - static ::sapi::StatusOr ValidateAbsolutePath(absl::string_view path) { + static ::sapi::StatusOr ValidateAbsolutePath( + absl::string_view path) { return PolicyBuilder::ValidateAbsolutePath(path); } @@ -154,7 +156,8 @@ TEST_F(PolicyBuilderTest, TestValidateAbsolutePath) { } } -std::string PolicyBuilderTest::Run(std::vector args, bool network) { +std::string PolicyBuilderTest::Run(std::vector args, + bool network) { PolicyBuilder builder; // Don't restrict the syscalls at all. builder.DangerDefaultAllowAll(); diff --git a/sandboxed_api/sandbox2/result.h b/sandboxed_api/sandbox2/result.h index d9f6516..c3c0e64 100644 --- a/sandboxed_api/sandbox2/result.h +++ b/sandboxed_api/sandbox2/result.h @@ -107,7 +107,9 @@ class Result { // The stacktrace must be sometimes fetched before SetExitStatusCode is // called, because after WIFEXITED() or WIFSIGNALED() the process is just a // zombie. - void SetStackTrace(const std::string& stack_trace) { stack_trace_ = stack_trace; } + void SetStackTrace(const std::string& stack_trace) { + stack_trace_ = stack_trace; + } void LoadRegs(pid_t pid) { auto regs = absl::make_unique(pid); @@ -150,13 +152,13 @@ class Result { // OK if the sandbox process exited normally with an exit code of 0. ::sapi::Status ToStatus() const; - // Returns a descriptive std::string for final result. + // Returns a descriptive string for final result. std::string ToString() const; - // Converts StatusEnum to a std::string. + // Converts StatusEnum to a string. static std::string StatusEnumToString(StatusEnum value); - // Converts ReasonCodeEnum to a std::string. + // Converts ReasonCodeEnum to a string. static std::string ReasonCodeEnumToString(ReasonCodeEnum value); rusage* GetRUsageMonitor() { return &rusage_monitor_; } diff --git a/sandboxed_api/sandbox2/sandbox2_test.cc b/sandboxed_api/sandbox2/sandbox2_test.cc index d2f5808..e9e648e 100644 --- a/sandboxed_api/sandbox2/sandbox2_test.cc +++ b/sandboxed_api/sandbox2/sandbox2_test.cc @@ -59,8 +59,8 @@ TEST(SandboxCoreDumpTest, AbortWithoutCoreDumpReturnsSignaled) { Sandbox2 sandbox(std::move(executor), std::move(policy)); auto result = sandbox.Run(); - ASSERT_EQ(result.final_status(), Result::SIGNALED); - EXPECT_EQ(result.reason_code(), SIGABRT); + ASSERT_THAT(result.final_status(), Eq(Result::SIGNALED)); + EXPECT_THAT(result.reason_code(), Eq(SIGABRT)); } // Test that with TSYNC we are able to sandbox when multithreaded and with no diff --git a/sandboxed_api/sandbox2/sanitizer.cc b/sandboxed_api/sandbox2/sanitizer.cc index 5ff6d34..920e254 100644 --- a/sandboxed_api/sandbox2/sanitizer.cc +++ b/sandboxed_api/sandbox2/sanitizer.cc @@ -31,6 +31,7 @@ #include #include #include +#include #include #include diff --git a/sandboxed_api/sandbox2/sanitizer.h b/sandboxed_api/sandbox2/sanitizer.h index 34465d7..29cdc06 100644 --- a/sandboxed_api/sandbox2/sanitizer.h +++ b/sandboxed_api/sandbox2/sanitizer.h @@ -19,7 +19,6 @@ #define SANDBOXED_API_SANDBOX2_SANITIZER_H_ #include -#include #include "absl/base/macros.h" diff --git a/sandboxed_api/sandbox2/sanitizer_test.cc b/sandboxed_api/sandbox2/sanitizer_test.cc index ed99f43..64f121e 100644 --- a/sandboxed_api/sandbox2/sanitizer_test.cc +++ b/sandboxed_api/sandbox2/sanitizer_test.cc @@ -51,7 +51,7 @@ namespace sandbox2 { namespace { // Runs a new process and returns 0 if the process terminated with 0. -static int RunTestcase(const std::string& path, const std::vector& args) { +int RunTestcase(const std::string& path, const std::vector& args) { pid_t pid = fork(); if (pid < 0) { PLOG(ERROR) << "fork()"; @@ -79,7 +79,7 @@ static int RunTestcase(const std::string& path, const std::vector& } } -static bool IsFdOpen(int fd) { +bool IsFdOpen(int fd) { int ret = fcntl(fd, F_GETFD); if (ret == -1) { VLOG(1) << "FD: " << fd << " is closed"; diff --git a/sandboxed_api/sandbox2/stack-trace.cc b/sandboxed_api/sandbox2/stack-trace.cc index ee05d1c..5a795b1 100644 --- a/sandboxed_api/sandbox2/stack-trace.cc +++ b/sandboxed_api/sandbox2/stack-trace.cc @@ -62,7 +62,8 @@ class StackTracePeer { const Mounts& mounts); static bool LaunchLibunwindSandbox(const Regs* regs, const Mounts& mounts, - UnwindResult* result, const std::string& delim); + UnwindResult* result, + const std::string& delim); }; std::unique_ptr StackTracePeer::GetPolicy(pid_t target_pid, @@ -269,7 +270,7 @@ bool StackTracePeer::LaunchLibunwindSandbox(const Regs* regs, } std::string GetStackTrace(const Regs* regs, const Mounts& mounts, - const std::string& delim) { + const std::string& delim) { if (absl::GetFlag(FLAGS_sandbox_disable_all_stack_traces)) { return ""; } diff --git a/sandboxed_api/sandbox2/stack-trace.h b/sandboxed_api/sandbox2/stack-trace.h index f885291..d28a979 100644 --- a/sandboxed_api/sandbox2/stack-trace.h +++ b/sandboxed_api/sandbox2/stack-trace.h @@ -40,7 +40,7 @@ constexpr size_t kDefaultMaxFrames = 200; // Returns the stack-trace of the PID=pid, delimited by the delim argument. std::string GetStackTrace(const Regs* regs, const Mounts& mounts, - const std::string& delim = " "); + const std::string& delim = " "); // Similar to GetStackTrace() but without using the sandbox to isolate // libunwind. diff --git a/sandboxed_api/sandbox2/stack-trace_test.cc b/sandboxed_api/sandbox2/stack-trace_test.cc index 1fc0e58..b12e44e 100644 --- a/sandboxed_api/sandbox2/stack-trace_test.cc +++ b/sandboxed_api/sandbox2/stack-trace_test.cc @@ -153,7 +153,8 @@ TEST(StackTraceTest, ForkEnterNsLibunwindDoesNotLeakFDs) { SKIP_SANITIZERS_AND_COVERAGE; // Get list of open FDs in the global forkserver. pid_t forkserver_pid = GetGlobalForkServerPid(); - std::string forkserver_fd_path = absl::StrCat("/proc/", forkserver_pid, "/fd"); + std::string forkserver_fd_path = + absl::StrCat("/proc/", forkserver_pid, "/fd"); size_t filecount_before = FileCountInDirectory(forkserver_fd_path); TemporaryFlagOverride temp_override( diff --git a/sandboxed_api/sandbox2/syscall_defs.cc b/sandboxed_api/sandbox2/syscall_defs.cc index 2bb35f0..cb2e179 100644 --- a/sandboxed_api/sandbox2/syscall_defs.cc +++ b/sandboxed_api/sandbox2/syscall_defs.cc @@ -11,7 +11,7 @@ namespace sandbox2 { namespace { std::string GetArgumentDescription(uint64_t value, SyscallTable::ArgType type, - pid_t pid) { + pid_t pid) { std::string ret = absl::StrFormat("%#x", value); switch (type) { case SyscallTable::kOct: diff --git a/sandboxed_api/sandbox2/testcases/ipc.cc b/sandboxed_api/sandbox2/testcases/ipc.cc index 4b5afea..5d40f0d 100644 --- a/sandboxed_api/sandbox2/testcases/ipc.cc +++ b/sandboxed_api/sandbox2/testcases/ipc.cc @@ -15,8 +15,8 @@ // A binary that uses comms and client, to receive FDs by name, communicate // with them, sandboxed or not. -#include -#include +#include +#include #include #include "absl/strings/numbers.h" diff --git a/sandboxed_api/sandbox2/unwind/unwind.cc b/sandboxed_api/sandbox2/unwind/unwind.cc index 7987004..803692a 100644 --- a/sandboxed_api/sandbox2/unwind/unwind.cc +++ b/sandboxed_api/sandbox2/unwind/unwind.cc @@ -35,7 +35,7 @@ namespace sandbox2 { namespace { std::string GetSymbolAt(const std::map& addr_to_symbol, - uint64_t addr) { + uint64_t addr) { auto entry_for_next_symbol = addr_to_symbol.lower_bound(addr); if (entry_for_next_symbol != addr_to_symbol.end() && entry_for_next_symbol != addr_to_symbol.begin()) { diff --git a/sandboxed_api/sandbox2/util.cc b/sandboxed_api/sandbox2/util.cc index 5f61496..d58783c 100644 --- a/sandboxed_api/sandbox2/util.cc +++ b/sandboxed_api/sandbox2/util.cc @@ -296,7 +296,7 @@ std::string GetSignalName(int signo) { auto pos = path.find('\0'); if (pos == std::string::npos) { return ::sapi::FailedPreconditionError(absl::StrCat( - "No NUL-byte inside the C std::string '", absl::CHexEscape(path), "'")); + "No NUL-byte inside the C string '", absl::CHexEscape(path), "'")); } path.resize(pos); return path; diff --git a/sandboxed_api/sandbox2/util.h b/sandboxed_api/sandbox2/util.h index b75bf54..3e0439c 100644 --- a/sandboxed_api/sandbox2/util.h +++ b/sandboxed_api/sandbox2/util.h @@ -31,7 +31,7 @@ namespace sandbox2 { namespace util { // Converts an array of char* (terminated by a nullptr, like argv, or environ -// arrays), to an std::vector. +// arrays), to an std::vector. void CharPtrArrToVecString(char* const* arr, std::vector* vec); // Converts a vector of strings to a newly allocated array. The array is limited diff --git a/sandboxed_api/sandbox2/util/fileops.cc b/sandboxed_api/sandbox2/util/fileops.cc index 8aea708..cdf0b0b 100644 --- a/sandboxed_api/sandbox2/util/fileops.cc +++ b/sandboxed_api/sandbox2/util/fileops.cc @@ -59,7 +59,8 @@ bool GetCWD(std::string* result) { // Makes a path absolute with respect to base. Returns true on success. Result // may be an alias of base or filename. -bool MakeAbsolute(const std::string& filename, const std::string& base, std::string* result) { +bool MakeAbsolute(const std::string& filename, const std::string& base, + std::string* result) { if (filename.empty()) { return false; } @@ -95,10 +96,10 @@ std::string MakeAbsolute(const std::string& filename, const std::string& base) { } bool RemoveLastPathComponent(const std::string& file, std::string* output) { - // Point idx at the last non-slash in the std::string. This should mark the last + // Point idx at the last non-slash in the string. This should mark the last // character of the base name. auto idx = file.find_last_not_of('/'); - // If no non-slash is found, we have all slashes or an empty std::string. Return + // If no non-slash is found, we have all slashes or an empty string. Return // the appropriate value and false to indicate there was no path component to // remove. if (idx == std::string::npos) { @@ -114,7 +115,7 @@ bool RemoveLastPathComponent(const std::string& file, std::string* output) { // Point idx at the last slash before the base name. idx = file.find_last_of('/', idx); // If we don't find a slash, then we have something of the form "file/*", so - // just return the empty std::string. + // just return the empty string. if (idx == std::string::npos) { output->clear(); } else { @@ -168,8 +169,8 @@ bool ReadLinkAbsolute(const std::string& filename, std::string* result) { std::string Basename(absl::string_view path) { const auto last_slash = path.find_last_of('/'); return std::string(last_slash == std::string::npos - ? path - : absl::ClippedSubstr(path, last_slash + 1)); + ? path + : absl::ClippedSubstr(path, last_slash + 1)); } std::string StripBasename(absl::string_view path) { @@ -189,7 +190,8 @@ bool Exists(const std::string& filename, bool fully_resolve) { : lstat64(filename.c_str(), &st)) != -1; } -bool ListDirectoryEntries(const std::string& directory, std::vector* entries, +bool ListDirectoryEntries(const std::string& directory, + std::vector* entries, std::string* error) { errno = 0; std::unique_ptr dir{opendir(directory.c_str()), @@ -266,7 +268,8 @@ bool DeleteRecursively(const std::string& filename) { return true; } -bool CopyFile(const std::string& old_path, const std::string& new_path, int new_mode) { +bool CopyFile(const std::string& old_path, const std::string& new_path, + int new_mode) { { std::ifstream input(old_path, std::ios_base::binary); std::ofstream output(new_path, diff --git a/sandboxed_api/sandbox2/util/fileops.h b/sandboxed_api/sandbox2/util/fileops.h index 8081c6d..670e306 100644 --- a/sandboxed_api/sandbox2/util/fileops.h +++ b/sandboxed_api/sandbox2/util/fileops.h @@ -72,7 +72,8 @@ bool Exists(const std::string& filename, bool fully_resolve); // On error, false is returned and error is set to a description of the // error. The filenames in entries are just the basenames of the // files found. -bool ListDirectoryEntries(const std::string& directory, std::vector* entries, +bool ListDirectoryEntries(const std::string& directory, + std::vector* entries, std::string* error); // Deletes the specified file or directory, including any sub-directories. @@ -81,7 +82,8 @@ bool DeleteRecursively(const std::string& filename); // Copies a file from one location to another. The file will be overwritten if // it already exists. If it does not exist, its mode will be new_mode. Returns // true on success. On failure, a partial copy of the file may remain. -bool CopyFile(const std::string& old_path, const std::string& new_path, int new_mode); +bool CopyFile(const std::string& old_path, const std::string& new_path, + int new_mode); // Makes filename absolute with respect to base. Returns an empty string on // failure. diff --git a/sandboxed_api/sandbox2/util/maps_parser.cc b/sandboxed_api/sandbox2/util/maps_parser.cc index a8cdfb3..251cc49 100644 --- a/sandboxed_api/sandbox2/util/maps_parser.cc +++ b/sandboxed_api/sandbox2/util/maps_parser.cc @@ -18,16 +18,18 @@ namespace sandbox2 { -::sapi::StatusOr> ParseProcMaps(const std::string& contents) { - // Note: The format std::string +::sapi::StatusOr> ParseProcMaps( + const std::string& contents) { + // Note: The format string // https://github.com/torvalds/linux/blob/v4.14/fs/proc/task_mmu.c#L289 - // changed to a non-format std::string implementation + // changed to a non-format string implementation // (show_vma_header_prefix()). static constexpr char kFormatString[] = "%lx-%lx %c%c%c%c %lx %x:%x %lu %1023s"; static constexpr size_t kFilepathLength = 1023; - std::vector lines = absl::StrSplit(contents, '\n', absl::SkipEmpty()); + std::vector lines = + absl::StrSplit(contents, '\n', absl::SkipEmpty()); std::vector entries; for (const auto& line : lines) { MapsEntry entry{}; diff --git a/sandboxed_api/sandbox2/util/maps_parser.h b/sandboxed_api/sandbox2/util/maps_parser.h index da71d4b..4ad194f 100644 --- a/sandboxed_api/sandbox2/util/maps_parser.h +++ b/sandboxed_api/sandbox2/util/maps_parser.h @@ -16,6 +16,7 @@ #define SANDBOXED_API_SANDBOX2_UTIL_MAPS_PARSER_H_ #include +#include #include #include "sandboxed_api/util/status.h" @@ -37,7 +38,8 @@ struct MapsEntry { std::string path; }; -::sapi::StatusOr> ParseProcMaps(const std::string& contents); +::sapi::StatusOr> ParseProcMaps( + const std::string& contents); } // namespace sandbox2 diff --git a/sandboxed_api/sandbox2/util/path.cc b/sandboxed_api/sandbox2/util/path.cc index 223ae8c..05bf8bc 100644 --- a/sandboxed_api/sandbox2/util/path.cc +++ b/sandboxed_api/sandbox2/util/path.cc @@ -67,7 +67,7 @@ std::pair SplitPath( } std::string CleanPath(const absl::string_view unclean_path) { - std::string path = std::string(unclean_path); + auto path = std::string(unclean_path); const char* src = path.c_str(); std::string::iterator dst = path.begin(); diff --git a/sandboxed_api/sandbox2/util/strerror_test.cc b/sandboxed_api/sandbox2/util/strerror_test.cc index d1e1bf8..6a6e4f6 100644 --- a/sandboxed_api/sandbox2/util/strerror_test.cc +++ b/sandboxed_api/sandbox2/util/strerror_test.cc @@ -45,7 +45,7 @@ TEST(StrErrorTest, InvalidErrorCode) { TEST(StrErrorTest, MultipleThreads) { // In this test, we will start up 2 threads and have each one call StrError // 1000 times, each time with a different errnum. We expect that - // StrError(errnum) will return a std::string equal to the one returned by + // StrError(errnum) will return a string equal to the one returned by // strerror(errnum), if the code is known. Since strerror is known to be // thread-hostile, collect all the expected strings up front. constexpr int kNumCodes = 1000; diff --git a/sandboxed_api/sandbox2/util/temp_file.cc b/sandboxed_api/sandbox2/util/temp_file.cc index 9f3edcc..0b226ed 100644 --- a/sandboxed_api/sandbox2/util/temp_file.cc +++ b/sandboxed_api/sandbox2/util/temp_file.cc @@ -43,7 +43,8 @@ sapi::StatusOr> CreateNamedTempFile( return std::pair{std::move(name_template), fd}; } -sapi::StatusOr CreateNamedTempFileAndClose(absl::string_view prefix) { +sapi::StatusOr CreateNamedTempFileAndClose( + absl::string_view prefix) { auto result_or = CreateNamedTempFile(prefix); if (result_or.ok()) { std::string path; diff --git a/sandboxed_api/sandbox2/util/temp_file.h b/sandboxed_api/sandbox2/util/temp_file.h index a0e6c7d..708708b 100644 --- a/sandboxed_api/sandbox2/util/temp_file.h +++ b/sandboxed_api/sandbox2/util/temp_file.h @@ -15,6 +15,8 @@ #ifndef SANDBOXED_API_SANDBOX2_UTIL_TEMP_FILE_H_ #define SANDBOXED_API_SANDBOX2_UTIL_TEMP_FILE_H_ +#include + #include "sandboxed_api/util/statusor.h" namespace sandbox2 { @@ -27,7 +29,8 @@ sapi::StatusOr> CreateNamedTempFile( // Creates a temporary file under a path starting with prefix. File is not // unlinked and its path is returned. FD of the created file is closed just // after creation. -sapi::StatusOr CreateNamedTempFileAndClose(absl::string_view prefix); +sapi::StatusOr CreateNamedTempFileAndClose( + absl::string_view prefix); // Creates a temporary directory under a path starting with prefix. // Returns the path of the created directory. diff --git a/sandboxed_api/sandbox2/util_test.cc b/sandboxed_api/sandbox2/util_test.cc index fa04599..694a886 100644 --- a/sandboxed_api/sandbox2/util_test.cc +++ b/sandboxed_api/sandbox2/util_test.cc @@ -16,6 +16,8 @@ #include +#include + #include "gmock/gmock.h" #include "gtest/gtest.h" #include "sandboxed_api/sandbox2/testing.h" diff --git a/sandboxed_api/util/status_internal.h b/sandboxed_api/util/status_internal.h index e18a27d..1ccf31d 100644 --- a/sandboxed_api/util/status_internal.h +++ b/sandboxed_api/util/status_internal.h @@ -44,9 +44,9 @@ struct status_type_traits { template static auto CheckMinimalApi(...) -> decltype(std::false_type()); - using minimal_api_type = decltype( - CheckMinimalApi(static_cast(0), static_cast(0), - static_cast(0), static_cast(0))); + using minimal_api_type = decltype(CheckMinimalApi( + static_cast(0), static_cast(0), + static_cast(0), static_cast(0))); public: static constexpr bool is_status = minimal_api_type::value; diff --git a/sandboxed_api/util/statusor_test.cc b/sandboxed_api/util/statusor_test.cc index 002f7d8..51ba623 100644 --- a/sandboxed_api/util/statusor_test.cc +++ b/sandboxed_api/util/statusor_test.cc @@ -106,7 +106,9 @@ struct StringCtor { struct StringVectorCtor { using value_type = std::vector; - std::vector operator()() { return {kStringElement, kErrorMessage}; } + std::vector operator()() { + return {kStringElement, kErrorMessage}; + } }; bool operator==(const Foo& lhs, const Foo& rhs) { diff --git a/sandboxed_api/var_abstract.h b/sandboxed_api/var_abstract.h index 9335477..a9371c2 100644 --- a/sandboxed_api/var_abstract.h +++ b/sandboxed_api/var_abstract.h @@ -16,6 +16,7 @@ #define SANDBOXED_API_VAR_ABSTRACT_H_ #include +#include #include #include "absl/base/macros.h" @@ -55,10 +56,10 @@ class Var { // Returns the type of the variable. virtual Type GetType() const = 0; - // Returns a std::string representation of the variable type. + // Returns a string representation of the variable type. virtual std::string GetTypeString() const = 0; - // Returns a std::string representation of the variable value. + // Returns a string representation of the variable value. virtual std::string ToString() const = 0; virtual ~Var();