add sysinfo to syscall whitelist

This commit is contained in:
LiYang 2017-05-22 23:27:03 +08:00
parent 9826ecc678
commit cb9f0ab4c1
3 changed files with 16 additions and 1 deletions

View File

@ -11,7 +11,7 @@ int c_cpp_seccomp_rules(struct config *_config) {
SCMP_SYS(arch_prctl), SCMP_SYS(brk), SCMP_SYS(arch_prctl), SCMP_SYS(brk),
SCMP_SYS(access), SCMP_SYS(exit_group), SCMP_SYS(access), SCMP_SYS(exit_group),
SCMP_SYS(close), SCMP_SYS(readlink), SCMP_SYS(close), SCMP_SYS(readlink),
SCMP_SYS(uname)}; SCMP_SYS(uname), SCMP_SYS(sysinfo)};
int syscalls_whitelist_length = sizeof(syscalls_whitelist) / sizeof(int); int syscalls_whitelist_length = sizeof(syscalls_whitelist) / sizeof(int);
scmp_filter_ctx ctx = NULL; scmp_filter_ctx ctx = NULL;
// load seccomp rules // load seccomp rules

View File

@ -80,3 +80,10 @@ class SeccompTest(base.BaseTestCase):
result = _judger.run(**config) result = _judger.run(**config)
self.assertEqual(result["result"], _judger.RESULT_RUNTIME_ERROR) self.assertEqual(result["result"], _judger.RESULT_RUNTIME_ERROR)
self.assertEqual(result["signal"], 31) self.assertEqual(result["signal"], 31)
def test_sysinfo(self):
config = self.base_config
config["exe_path"] = self._compile_c("sysinfo.c")
result = _judger.run(**config)
self.assertEqual(result["result"], _judger.RESULT_SUCCESS)

View File

@ -0,0 +1,8 @@
// maybe used in qsort function
#include <unistd.h>
#include <stdio.h>
int main() {
printf("%ld", sysconf(_SC_PAGE_SIZE));
return 0;
}