QingdaoU/Judger
1
0
Fork 0
mirror of https://github.com/QingdaoU/Judger.git synced 2024-12-29 16:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

exit when failed to load seccomp rules

Browse Source
This commit is contained in:
virusdefender 2016-01-18 14:14:34 +08:00
parent b93995f3d2
commit b3b89fbf02
1 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
sandbox.c
View File

@ -63,18 +63,28 @@ int __libc_start_main(main_t main, int argc,
// Get __libc_start_main entry point // Get __libc_start_main entry point
libc = dlopen("libc.so.6", RTLD_LOCAL | RTLD_LAZY); libc = dlopen("libc.so.6", RTLD_LOCAL | RTLD_LAZY);
if (!libc) exit(-1); if (!libc) {
exit(1);
}
libc_start_main = dlsym(libc, "__libc_start_main"); libc_start_main = dlsym(libc, "__libc_start_main");
if (!libc_start_main) exit(-2); if (!libc_start_main) {
exit(2);
}
ctx = seccomp_init(SCMP_ACT_KILL); ctx = seccomp_init(SCMP_ACT_KILL);
if (!ctx) goto out; if (!ctx) {
for(i = 0; i < whitelist_length; i++) exit(3);
if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls_whitelist[i], 0)) goto out; }
if (seccomp_load(ctx)) goto out; for(i = 0; i < whitelist_length; i++) {
out: if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls_whitelist[i], 0)) {
if (ctx) seccomp_release(ctx); exit(4);
}
}
if (seccomp_load(ctx)) {
exit(5);
}
seccomp_release(ctx);
return ((*libc_start_main)(main, argc, ubp_av, auxvec, return ((*libc_start_main)(main, argc, ubp_av, auxvec,
init, fini, rtld_fini, stack_end)); init, fini, rtld_fini, stack_end));
} }