File: sandbox_compiler.cc

package info (click to toggle)
chromium 120.0.6099.224-1~deb11u1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 6,112,112 kB
  • sloc: cpp: 32,907,025; ansic: 8,148,123; javascript: 3,679,536; python: 2,031,248; asm: 959,718; java: 804,675; xml: 617,256; sh: 111,417; objc: 100,835; perl: 88,443; cs: 53,032; makefile: 29,579; fortran: 24,137; php: 21,162; tcl: 21,147; sql: 20,809; ruby: 17,735; pascal: 12,864; yacc: 8,045; lisp: 3,388; lex: 1,323; ada: 727; awk: 329; jsp: 267; csh: 117; exp: 43; sed: 37
file content (85 lines) | stat: -rw-r--r-- 2,649 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "sandbox/mac/sandbox_compiler.h"

#include <string>
#include <vector>

#include "sandbox/mac/seatbelt.h"

namespace sandbox {

SandboxCompiler::SandboxCompiler() : SandboxCompiler(Target::kSource) {}

SandboxCompiler::SandboxCompiler(Target mode) : mode_(mode) {
  if (mode_ == Target::kCompiled) {
    params_ = Seatbelt::Parameters::Create();
  }
}

SandboxCompiler::~SandboxCompiler() {}

void SandboxCompiler::SetProfile(const std::string& policy) {
  policy_.set_profile(policy);
}

bool SandboxCompiler::SetBooleanParameter(const std::string& key, bool value) {
  return SetParameter(key, value ? "TRUE" : "FALSE");
}

bool SandboxCompiler::SetParameter(const std::string& key,
                                   const std::string& value) {
  // Regardless of the mode, add the strings to the proto map because
  // Seatbelt::Parameters::Set does not copy the strings, which means temporary
  // std::string references need to be owned somewhere.
  auto it = policy_.mutable_params()->insert({key, value});

  if (mode_ == Target::kCompiled && it.second) {
    if (!params_.Set(it.first->first.c_str(), it.first->second.c_str())) {
      policy_.mutable_params()->erase(it.first);
      return false;
    }
  }

  return it.second;
}

bool SandboxCompiler::CompileAndApplyProfile(std::string& error) {
  if (mode_ == Target::kSource) {
    std::vector<const char*> params;

    for (const auto& kv : policy_.params()) {
      params.push_back(kv.first.c_str());
      params.push_back(kv.second.c_str());
    }
    // The parameters array must be null terminated.
    params.push_back(nullptr);

    return Seatbelt::InitWithParams(policy_.profile().c_str(), 0, params.data(),
                                    &error);
  } else if (mode_ == Target::kCompiled) {
    std::string profile;
    if (Seatbelt::Compile(policy_.profile().c_str(), params_, profile,
                          &error)) {
      return Seatbelt::ApplyCompiledProfile(profile, &error);
    }
  }
  return false;
}

bool SandboxCompiler::CompilePolicyToProto(mac::SandboxPolicy& policy,
                                           std::string& error) {
  if (mode_ == Target::kSource) {
    policy.mutable_source()->CopyFrom(policy_);
    return true;
  } else if (mode_ == Target::kCompiled) {
    return Seatbelt::Compile(policy_.profile().c_str(), params_,
                             *policy.mutable_compiled()->mutable_data(),
                             &error);
  }
  return false;
}

}  // namespace sandbox