| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <time.h> | 5 #include <time.h> |
| 6 | 6 |
| 7 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 7 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 8 #include "sandbox/linux/seccomp-bpf/verifier.h" | 8 #include "sandbox/linux/seccomp-bpf/verifier.h" |
| 9 | 9 |
| 10 // The kernel gives us a sandbox, we turn it into a playground :-) | 10 // The kernel gives us a sandbox, we turn it into a playground :-) |
| (...skipping 231 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 242 sb.st_nlink != 3 || | 242 sb.st_nlink != 3 || |
| 243 HANDLE_EINTR(close(task))) { | 243 HANDLE_EINTR(close(task))) { |
| 244 if (task >= 0) { | 244 if (task >= 0) { |
| 245 if (HANDLE_EINTR(close(task))) { } | 245 if (HANDLE_EINTR(close(task))) { } |
| 246 } | 246 } |
| 247 return false; | 247 return false; |
| 248 } | 248 } |
| 249 return true; | 249 return true; |
| 250 } | 250 } |
| 251 | 251 |
| 252 static bool isDenied(Sandbox::ErrorCode code) { | 252 static bool isDenied(const Sandbox::ErrorCode& code) { |
| 253 return (code & SECCOMP_RET_ACTION) == SECCOMP_RET_TRAP || | 253 return (code & SECCOMP_RET_ACTION) == SECCOMP_RET_TRAP || |
| 254 (code >= (SECCOMP_RET_ERRNO + 1) && | 254 (code >= (SECCOMP_RET_ERRNO + 1) && |
| 255 code <= (SECCOMP_RET_ERRNO + 4095)); | 255 code <= (SECCOMP_RET_ERRNO + 4095)); |
| 256 } | 256 } |
| 257 | 257 |
| 258 void Sandbox::policySanityChecks(EvaluateSyscall syscallEvaluator, | 258 void Sandbox::policySanityChecks(EvaluateSyscall syscallEvaluator, |
| 259 EvaluateArguments) { | 259 EvaluateArguments) { |
| 260 // Do some sanity checks on the policy. This will warn users if they do | 260 // Do some sanity checks on the policy. This will warn users if they do |
| 261 // things that are likely unsafe and unintended. | 261 // things that are likely unsafe and unintended. |
| 262 // We also have similar checks later, when we actually compile the BPF | 262 // We also have similar checks later, when we actually compile the BPF |
| (...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 686 bool Sandbox::dryRun_ = false; | 686 bool Sandbox::dryRun_ = false; |
| 687 Sandbox::SandboxStatus Sandbox::status_ = STATUS_UNKNOWN; | 687 Sandbox::SandboxStatus Sandbox::status_ = STATUS_UNKNOWN; |
| 688 int Sandbox::proc_fd_ = -1; | 688 int Sandbox::proc_fd_ = -1; |
| 689 Sandbox::Evaluators Sandbox::evaluators_; | 689 Sandbox::Evaluators Sandbox::evaluators_; |
| 690 Sandbox::Traps *Sandbox::traps_ = NULL; | 690 Sandbox::Traps *Sandbox::traps_ = NULL; |
| 691 Sandbox::TrapIds Sandbox::trapIds_; | 691 Sandbox::TrapIds Sandbox::trapIds_; |
| 692 Sandbox::ErrorCode *Sandbox::trapArray_ = NULL; | 692 Sandbox::ErrorCode *Sandbox::trapArray_ = NULL; |
| 693 size_t Sandbox::trapArraySize_ = 0; | 693 size_t Sandbox::trapArraySize_ = 0; |
| 694 | 694 |
| 695 } // namespace | 695 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10825016:
Fixed coverity defects regarding pass-by-value (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src