WIP/cpp -> next #31

クローズ
crtxcrWIP/cpp から next への 16 コミットのマージを希望しています
3個のファイルの変更17行の追加15行の削除
コミット 41bd6e8f10 の変更だけを表示しています - すべてのコミットを表示

22
exile.c
ファイルの表示

@ -1702,11 +1702,11 @@ int exile_clone_handle(void *arg)
if(ret != 0)
{
EXILE_LOG_ERROR("Failed to enable policy\n");
close(child_read_pipe[1]);
close(child_write_pipe[0]);
close(params->child_read_pipe[1]);
close(params->child_write_pipe[0]);
return 1;
}
ret = dup2(child_read_pipe[1], 1);
ret = dup2(params->child_read_pipe[1], 1);
if(ret == -1)
{
EXILE_LOG_ERROR("Failed to redirect stdout to pipe\n");
@ -1714,8 +1714,8 @@ int exile_clone_handle(void *arg)
}
ret = params->func(params->funcarg);
fclose(stdout);
close(child_read_pipe[1]);
close(child_write_pipe[0]);
close(params->child_read_pipe[1]);
close(params->child_write_pipe[0]);
return ret;
}
@ -1733,14 +1733,14 @@ int exile_clone_handle(void *arg)
* Return value: Negative on error, otherwise the file descriptor to read from*/
int exile_launch(struct exile_launch_params *launch_params, struct exile_launch_result *launch_result)
{
int ret = pipe(child_read_pipe);
int ret = pipe(launch_params->child_read_pipe);
if(ret != 0)
{
EXILE_LOG_ERROR("read pipe creation failed\n");
return ret;
}
ret = pipe(child_write_pipe);
ret = pipe(launch_params->child_write_pipe);
if(ret != 0)
{
EXILE_LOG_ERROR("write pipe creation failed\n");
@ -1768,12 +1768,12 @@ int exile_launch(struct exile_launch_params *launch_params, struct exile_launch_
EXILE_LOG_ERROR("clone failed(): %s\n", strerror(errno));
return ret;
}
close(child_read_pipe[1]);
close(child_write_pipe[0]);
close(launch_params->child_read_pipe[1]);
close(launch_params->child_write_pipe[0]);
launch_result->tid = ret;
launch_result->read_fd = child_read_pipe[0];
launch_result->write_fd = child_write_pipe[1];
launch_result->read_fd = launch_params->child_read_pipe[0];
launch_result->write_fd = launch_params->child_write_pipe[1];
return 0;
}

ファイルの表示

@ -497,6 +497,8 @@ struct exile_launch_params
struct exile_policy *policy; /* Policy to activate before jumping to func */
int (*func)(void *); /* Function to be sandboxed */
void *funcarg; /* Arg to be passed */
int child_read_pipe[2];
int child_write_pipe[2];
};
struct exile_launch_result
@ -506,9 +508,6 @@ struct exile_launch_result
int write_fd;
};
static int child_read_pipe[2];
static int child_write_pipe[2];
int exile_clone_handle(void *arg);
/* Helper to easily execute a single function sandboxed.
*

5
test.c
ファイルの表示

@ -548,12 +548,14 @@ int test_fail_flags()
return 0;
}
static int *read_pipe = NULL;
int do_launch_test(void *arg)
{
int num = *(int *)(arg);
num += 1;
char buffer[512] = { 0 };
read(child_write_pipe[0], buffer, sizeof(buffer)-1);
read(*read_pipe, buffer, sizeof(buffer)-1);
printf("Sandboxed +1: %i\n", num);
printf("Echoing: %s\n", buffer);
fflush(stdout);
@ -569,6 +571,7 @@ int test_launch()
params.func = &do_launch_test;
params.funcarg = #
params.policy = policy;
read_pipe = &params.child_write_pipe[0];
int launchfd = exile_launch(&params, &res);
if(launchfd < 0)
{