diff options
Diffstat (limited to 'chromium/sandbox/linux/seccomp-bpf/demo.cc')
-rw-r--r-- | chromium/sandbox/linux/seccomp-bpf/demo.cc | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/chromium/sandbox/linux/seccomp-bpf/demo.cc b/chromium/sandbox/linux/seccomp-bpf/demo.cc index b2622ec452d..14180181a6e 100644 --- a/chromium/sandbox/linux/seccomp-bpf/demo.cc +++ b/chromium/sandbox/linux/seccomp-bpf/demo.cc @@ -26,11 +26,13 @@ #include <time.h> #include <unistd.h> +#include "base/posix/eintr_wrapper.h" #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" +#include "sandbox/linux/services/linux_syscalls.h" -using playground2::arch_seccomp_data; -using playground2::ErrorCode; -using playground2::Sandbox; +using sandbox::ErrorCode; +using sandbox::SandboxBPF; +using sandbox::arch_seccomp_data; #define ERR EPERM @@ -221,7 +223,7 @@ intptr_t DefaultHandler(const struct arch_seccomp_data& data, void *) { char buf[sizeof(msg0) - 1 + 25 + sizeof(msg1)]; *buf = '\000'; - strncat(buf, msg0, sizeof(buf)); + strncat(buf, msg0, sizeof(buf) - 1); char *ptr = strrchr(buf, '\000'); itoa_r(data.nr, ptr, sizeof(buf) - (ptr - buf)); @@ -235,7 +237,7 @@ intptr_t DefaultHandler(const struct arch_seccomp_data& data, void *) { return -ERR; } -ErrorCode Evaluator(Sandbox *sandbox, int sysno, void *) { +ErrorCode Evaluator(SandboxBPF* sandbox, int sysno, void *) { switch (sysno) { #if defined(__NR_accept) case __NR_accept: case __NR_accept4: @@ -411,14 +413,14 @@ int main(int argc, char *argv[]) { if (argc) { } if (argv) { } int proc_fd = open("/proc", O_RDONLY|O_DIRECTORY); - if (Sandbox::SupportsSeccompSandbox(proc_fd) != - Sandbox::STATUS_AVAILABLE) { + if (SandboxBPF::SupportsSeccompSandbox(proc_fd) != + SandboxBPF::STATUS_AVAILABLE) { perror("sandbox"); _exit(1); } - Sandbox sandbox; + SandboxBPF sandbox; sandbox.set_proc_fd(proc_fd); - sandbox.SetSandboxPolicy(Evaluator, NULL); + sandbox.SetSandboxPolicyDeprecated(Evaluator, NULL); sandbox.StartSandbox(); // Check that we can create threads |