StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity
d805286343
sandboxed-api/oss-internship-2020/lodepng
History
Christian Blichmann 51799f99ae Introduce a transitional logging utility library 
Instead of calling `google::InitGoogleLogging()` directly, introduce an
indirection via a new utility library. After this change, Sandboxed API
should consistently use `sapi::InitLogging()` everywhere.

For now, `sapi::InitLogging()` simply calls its glog equivalent. However,
this enables us to migrate away from the gflags dependency and use Abseil
flags. Once a follow-up change lands, `sapi::InitLogging()` will instead
initialize the google logging library with flags defined from Aseil.

Later still, once Abseil releases logging, we can then drop the glog
dependency entirely.

PiperOrigin-RevId: 445363592
Change-Id: Ia23a7dc88b8ffe65a422ea4d5233bba7bdd1303a
2022-04-29 02:14:06 -07:00
..
examples Introduce a transitional logging utility library 2022-04-29 02:14:06 -07:00
patches renamed project folder 2020-09-28 15:11:44 +00:00
.gitignore renamed project folder 2020-09-28 15:11:44 +00:00
CMakeLists.txt Change license link to HTTPS URL 2022-01-28 01:39:09 -08:00
README.md renamed project folder 2020-09-28 15:11:44 +00:00

README.md

LodePNG Sandboxed API

Sandboxed version of the LodePNG library, using Sandboxed API

Details

With Sandboxed API, many of the library's functions can be sandboxed. However, they need the extern "C" keyword defined so that name mangling does not happen, which is why a patch that adds it is used. The only differences are found in the header file. An alternative to this is to define another library that wraps every needed function, specifying the required keyword.

Even if many of the functions from the library can be sandboxed, there are some that are not supported (those which have std::vector parameters, overloaded functions etc.). If you really need these functions, a solution is to implement a custom library that wraps around these functions in order to make them compatible.

Patches

In the patches folder there is a patch file that adds extern "C" to the required functions in the header file in order to sandbox them. This patch is applied automatically during the build phase.

Build

First, run git submodule update --init --recursive to update submodules. After this, run the following commands:

mkdir -p build && cd build

cmake .. -G Ninja

cmake --build .

The example binary files can be found in build/examples.

Examples

The code found in the examples folder features a basic use case of the library. An image is generated, encoded into a file and then decoded to check that the values are the same. The encoding part was based on this example while decoding was based on this.

This example code is structured as:

  • main_unsandboxed.cc - unsandboxed example
  • main_sandboxed.cc - sandboxed version of the example
  • main_unit_test.cc - tests(using Google Test).

On top of those files, there are other files used by all three of the examples:

  • sandbox.h - custom sandbox policy
  • helpers.h and helpers.cc - constants and functions used in the main files.

The executables generated from these files will create a temporary directory in the current working path. Inside that directory the two generated png files will be created. At the end, the directory is deleted. If those programs do not stop midway or return a failure code, then everything works fine.