diff --git a/sandboxed_api/call.h b/sandboxed_api/call.h index a33306a..06def7e 100644 --- a/sandboxed_api/call.h +++ b/sandboxed_api/call.h @@ -23,8 +23,8 @@ namespace sapi { namespace comms { struct ReallocRequest { - uint64_t old_addr; - uint64_t size; + uintptr_t old_addr; + size_t size; }; // Types of TAGs used with Comms channel. diff --git a/sandboxed_api/client.cc b/sandboxed_api/client.cc index 738fc87..9d490b6 100644 --- a/sandboxed_api/client.cc +++ b/sandboxed_api/client.cc @@ -229,7 +229,7 @@ void HandleCallMsg(const FuncCall& call, FuncRet* ret) { } // Handles requests to allocate memory inside the sandboxee. -void HandleAllocMsg(const uintptr_t size, FuncRet* ret) { +void HandleAllocMsg(const size_t size, FuncRet* ret) { VLOG(1) << "HandleAllocMsg: size=" << size; ret->ret_type = v::Type::kPointer; @@ -237,16 +237,15 @@ void HandleAllocMsg(const uintptr_t size, FuncRet* ret) { // Memory is copied to the pointer using an API that the memory sanitizer // is blind to (process_vm_writev). Initialize the memory here so that // the sandboxed code can still be tested with the memory sanitizer. - ret->int_val = - reinterpret_cast(calloc(1, static_cast(size))); + ret->int_val = reinterpret_cast(calloc(1, size)); #else - ret->int_val = reinterpret_cast(malloc(static_cast(size))); + ret->int_val = reinterpret_cast(malloc(size)); #endif ret->success = true; } // Like HandleAllocMsg(), but handles requests to reallocate memory. -void HandleReallocMsg(uintptr_t ptr, uintptr_t size, FuncRet* ret) { +void HandleReallocMsg(uintptr_t ptr, size_t size, FuncRet* ret) { VLOG(1) << "HandleReallocMsg(" << absl::StrCat(absl::Hex(ptr)) << ", " << size << ")"; #ifdef MEMORY_SANITIZER @@ -363,14 +362,13 @@ void ServeRequest(sandbox2::Comms* comms) { break; case comms::kMsgAllocate: VLOG(1) << "Client::kMsgAllocate"; - HandleAllocMsg(BytesAs(bytes), &ret); + HandleAllocMsg(BytesAs(bytes), &ret); break; case comms::kMsgReallocate: VLOG(1) << "Client::kMsgReallocate"; { auto req = BytesAs(bytes); - HandleReallocMsg(static_cast(req.old_addr), - static_cast(req.size), &ret); + HandleReallocMsg(req.old_addr, req.size, &ret); } break; case comms::kMsgFree: diff --git a/sandboxed_api/examples/stringop/main_stringop.cc b/sandboxed_api/examples/stringop/main_stringop.cc index 9880699..c7e5b2e 100644 --- a/sandboxed_api/examples/stringop/main_stringop.cc +++ b/sandboxed_api/examples/stringop/main_stringop.cc @@ -134,7 +134,7 @@ TEST(StringopTest, RawStringLength) { ASSERT_THAT(sandbox.Init(), IsOk()); StringopApi api(&sandbox); SAPI_ASSERT_OK_AND_ASSIGN(void* target_mem_ptr, api.get_raw_c_string()); - SAPI_ASSERT_OK_AND_ASSIGN(uint64_t len, + SAPI_ASSERT_OK_AND_ASSIGN(size_t len, sandbox.rpc_channel()->Strlen(target_mem_ptr)); EXPECT_THAT(len, Eq(10)); } @@ -144,7 +144,7 @@ TEST(StringopTest, RawStringReading) { ASSERT_THAT(sandbox.Init(), IsOk()); StringopApi api(&sandbox); SAPI_ASSERT_OK_AND_ASSIGN(void* target_mem_ptr, api.get_raw_c_string()); - SAPI_ASSERT_OK_AND_ASSIGN(uint64_t len, + SAPI_ASSERT_OK_AND_ASSIGN(size_t len, sandbox.rpc_channel()->Strlen(target_mem_ptr)); EXPECT_THAT(len, Eq(10)); diff --git a/sandboxed_api/rpcchannel.cc b/sandboxed_api/rpcchannel.cc index 8b19547..72a057e 100644 --- a/sandboxed_api/rpcchannel.cc +++ b/sandboxed_api/rpcchannel.cc @@ -37,7 +37,7 @@ absl::Status RPCChannel::Call(const FuncCall& call, uint32_t tag, FuncRet* ret, absl::StatusOr RPCChannel::Return(v::Type exp_type) { uint32_t tag; - uint64_t len; + size_t len; FuncRet ret; if (!comms_->RecvTLV(&tag, &len, &ret, sizeof(ret))) { return absl::UnavailableError("Receiving TLV value failed"); @@ -78,9 +78,10 @@ absl::Status RPCChannel::Allocate(size_t size, void** addr) { absl::Status RPCChannel::Reallocate(void* old_addr, size_t size, void** new_addr) { absl::MutexLock lock(&mutex_); - comms::ReallocRequest req; - req.old_addr = reinterpret_cast(old_addr); - req.size = size; + comms::ReallocRequest req = { + .old_addr = reinterpret_cast(old_addr), + .size = size, + }; if (!comms_->SendTLV(comms::kMsgReallocate, sizeof(comms::ReallocRequest), &req)) { @@ -100,7 +101,7 @@ absl::Status RPCChannel::Reallocate(void* old_addr, size_t size, absl::Status RPCChannel::Free(void* addr) { absl::MutexLock lock(&mutex_); - uint64_t remote = reinterpret_cast(addr); + uintptr_t remote = reinterpret_cast(addr); if (!comms_->SendTLV(comms::kMsgFree, sizeof(remote), &remote)) { return absl::UnavailableError("Sending TLV value failed"); } @@ -193,7 +194,7 @@ absl::Status RPCChannel::Close(int remote_fd) { return absl::OkStatus(); } -absl::StatusOr RPCChannel::Strlen(void* str) { +absl::StatusOr RPCChannel::Strlen(void* str) { absl::MutexLock lock(&mutex_); if (!comms_->SendTLV(comms::kMsgStrlen, sizeof(str), &str)) { return absl::UnavailableError("Sending TLV value failed"); diff --git a/sandboxed_api/rpcchannel.h b/sandboxed_api/rpcchannel.h index 4fec23b..56d7ed8 100644 --- a/sandboxed_api/rpcchannel.h +++ b/sandboxed_api/rpcchannel.h @@ -61,7 +61,7 @@ class RPCChannel { absl::Status Close(int remote_fd); // Returns length of a null-terminated c-style string (invokes strlen). - absl::StatusOr Strlen(void* str); + absl::StatusOr Strlen(void* str); sandbox2::Comms* comms() const { return comms_; } diff --git a/sandboxed_api/sandbox.cc b/sandboxed_api/sandbox.cc index 8c9da3d..d6b1bf2 100644 --- a/sandboxed_api/sandbox.cc +++ b/sandboxed_api/sandbox.cc @@ -394,7 +394,7 @@ absl::Status Sandbox::TransferFromSandboxee(v::Var* var) { } absl::StatusOr Sandbox::GetCString(const v::RemotePtr& str, - uint64_t max_length) { + size_t max_length) { if (!is_active()) { return absl::UnavailableError("Sandbox not active"); } diff --git a/sandboxed_api/sandbox.h b/sandboxed_api/sandbox.h index 5d69eb0..576a144 100644 --- a/sandboxed_api/sandbox.h +++ b/sandboxed_api/sandbox.h @@ -103,8 +103,8 @@ class Sandbox { absl::Status TransferFromSandboxee(v::Var* var); absl::StatusOr GetCString(const v::RemotePtr& str, - uint64_t max_length = 10ULL - << 20 /* 10 MiB*/ + size_t max_length = 10ULL + << 20 /* 10 MiB*/ ); // Waits until the sandbox terminated and returns the result. diff --git a/sandboxed_api/sandbox2/comms.cc b/sandboxed_api/sandbox2/comms.cc index 9b2f719..449db8f 100644 --- a/sandboxed_api/sandbox2/comms.cc +++ b/sandboxed_api/sandbox2/comms.cc @@ -228,7 +228,7 @@ void Comms::Terminate() { } } -bool Comms::SendTLV(uint32_t tag, uint64_t length, const void* value) { +bool Comms::SendTLV(uint32_t tag, size_t length, const void* value) { if (length > GetMaxMsgSize()) { SAPI_RAW_LOG(ERROR, "Maximum TLV message size exceeded: (%u > %u)", length, GetMaxMsgSize()); @@ -296,7 +296,7 @@ bool Comms::RecvBytes(std::vector* buffer) { return true; } -bool Comms::SendBytes(const uint8_t* v, uint64_t len) { +bool Comms::SendBytes(const uint8_t* v, size_t len) { return SendTLV(kTagBytes, len, v); } @@ -417,7 +417,7 @@ bool Comms::SendFD(int fd) { int* fds = reinterpret_cast(CMSG_DATA(cmsg)); fds[0] = fd; - InternalTLV tlv = {kTagFd, sizeof(tlv.val), 0}; + InternalTLV tlv = {kTagFd, 0}; iovec iov; iov.iov_base = &tlv; @@ -512,8 +512,8 @@ socklen_t Comms::CreateSockaddrUn(sockaddr_un* sun) { return slen; } -bool Comms::Send(const void* data, uint64_t len) { - uint64_t total_sent = 0; +bool Comms::Send(const void* data, size_t len) { + size_t total_sent = 0; const char* bytes = reinterpret_cast(data); const auto op = [bytes, len, &total_sent](int fd) -> ssize_t { PotentiallyBlockingRegion region; @@ -545,8 +545,8 @@ bool Comms::Send(const void* data, uint64_t len) { return true; } -bool Comms::Recv(void* data, uint64_t len) { - uint64_t total_recv = 0; +bool Comms::Recv(void* data, size_t len) { + size_t total_recv = 0; char* bytes = reinterpret_cast(data); const auto op = [bytes, len, &total_recv](int fd) -> ssize_t { PotentiallyBlockingRegion region; @@ -574,7 +574,7 @@ bool Comms::Recv(void* data, uint64_t len) { } // Internal helper method (low level). -bool Comms::RecvTL(uint32_t* tag, uint64_t* length) { +bool Comms::RecvTL(uint32_t* tag, size_t* length) { if (!Recv(reinterpret_cast(tag), sizeof(*tag))) { return false; } @@ -611,7 +611,7 @@ bool Comms::RecvTLV(uint32_t* tag, std::string* value) { template bool Comms::RecvTLVGeneric(uint32_t* tag, T* value) { absl::MutexLock lock(&tlv_recv_transmission_mutex_); - uint64_t length; + size_t length; if (!RecvTL(tag, &length)) { return false; } @@ -620,28 +620,29 @@ bool Comms::RecvTLVGeneric(uint32_t* tag, T* value) { return length == 0 || Recv(reinterpret_cast(value->data()), length); } -bool Comms::RecvTLV(uint32_t* tag, uint64_t* length, void* buffer, - uint64_t buffer_size) { +bool Comms::RecvTLV(uint32_t* tag, size_t* length, void* buffer, + size_t buffer_size) { absl::MutexLock lock(&tlv_recv_transmission_mutex_); if (!RecvTL(tag, length)) { return false; } + if (*length == 0) { + return true; + } + if (*length > buffer_size) { SAPI_RAW_LOG(ERROR, "Buffer size too small (0x%x > 0x%x)", *length, buffer_size); return false; - } else if (*length > 0) { - if (!Recv(reinterpret_cast(buffer), *length)) { - return false; - } } - return true; + + return Recv(reinterpret_cast(buffer), *length); } -bool Comms::RecvInt(void* buffer, uint64_t len, uint32_t tag) { +bool Comms::RecvInt(void* buffer, size_t len, uint32_t tag) { uint32_t received_tag; - uint64_t received_length; + size_t received_length; if (!RecvTLV(&received_tag, &received_length, buffer, len)) { return false; } diff --git a/sandboxed_api/sandbox2/comms.h b/sandboxed_api/sandbox2/comms.h index 530943e..fca8c53 100644 --- a/sandboxed_api/sandbox2/comms.h +++ b/sandboxed_api/sandbox2/comms.h @@ -60,7 +60,7 @@ class Comms { static constexpr uint32_t kTagFd = 0X80000201; // Any payload size above this limit will LOG(WARNING). - static constexpr uint64_t kWarnMsgSize = (256ULL << 20); + static constexpr size_t kWarnMsgSize = (256ULL << 20); // Sandbox2-specific convention where FD=1023 is always passed to the // sandboxed process as a communication channel (encapsulated in the @@ -103,9 +103,9 @@ class Comms { // Note: The actual size is "unlimited", although the Buffer API is more // efficient for large transfers. There is an arbitrary limit to ~2GiB to // avoid protobuf serialization issues. - uint64_t GetMaxMsgSize() const { return std::numeric_limits::max(); } + size_t GetMaxMsgSize() const { return std::numeric_limits::max(); } - bool SendTLV(uint32_t tag, uint64_t length, const void* value); + bool SendTLV(uint32_t tag, size_t length, const void* value); // Receive a TLV structure, the memory for the value will be allocated // by std::vector. bool RecvTLV(uint32_t* tag, std::vector* value); @@ -113,7 +113,7 @@ class Comms { // by std::string. bool RecvTLV(uint32_t* tag, std::string* value); // Receives a TLV value into a specified buffer without allocating memory. - bool RecvTLV(uint32_t* tag, uint64_t* length, void* buffer, uint64_t buffer_size); + bool RecvTLV(uint32_t* tag, size_t* length, void* buffer, size_t buffer_size); // Sends/receives various types of data. bool RecvUint8(uint8_t* v) { return RecvIntGeneric(v, kTagUint8); } @@ -138,7 +138,7 @@ class Comms { bool SendString(const std::string& v); bool RecvBytes(std::vector* buffer); - bool SendBytes(const uint8_t* v, uint64_t len); + bool SendBytes(const uint8_t* v, size_t len); bool SendBytes(const std::vector& buffer); // Receives remote process credentials. @@ -183,19 +183,18 @@ class Comms { struct ABSL_ATTRIBUTE_PACKED InternalTLV { uint32_t tag; uint32_t len; - uint64_t val; }; // Fills sockaddr_un struct with proper values. socklen_t CreateSockaddrUn(sockaddr_un* sun); // Support for EINTR and size completion. - bool Send(const void* data, uint64_t len); - bool Recv(void* data, uint64_t len); + bool Send(const void* data, size_t len); + bool Recv(void* data, size_t len); // Receives tag and length. Assumes that the `tlv_transmission_mutex_` mutex // is locked. - bool RecvTL(uint32_t* tag, uint64_t* length) + bool RecvTL(uint32_t* tag, size_t* length) ABSL_EXCLUSIVE_LOCKS_REQUIRED(tlv_recv_transmission_mutex_); // T has to be a ContiguousContainer @@ -203,7 +202,7 @@ class Comms { bool RecvTLVGeneric(uint32_t* tag, T* value); // Receives arbitrary integers. - bool RecvInt(void* buffer, uint64_t len, uint32_t tag); + bool RecvInt(void* buffer, size_t len, uint32_t tag); template bool RecvIntGeneric(T* output, uint32_t tag) {