mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-07 03:38:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix bugs and add security features to redbean

Browse source 
- Fix a regression with the previous change that broke redbean
- Add chroot(), resource limit, seccomp, and other stuff to redbean
- Write lots and lots of documentation
- Iron out more system call issues
This commit is contained in:
Justine Tunney 2022-04-18 00:01:26 -07:00
parent f1dfa4bdfa
commit 7166679620
182 changed files with 1855 additions and 918 deletions
Download patch file Download diff file Expand all files Collapse all files

3
libc/log/backtrace2.c
View file

@ -21,6 +21,7 @@
#include "libc/bits/safemacros.internal.h"
#include "libc/bits/weaken.h"
#include "libc/calls/calls.h"
#include "libc/calls/issandboxed.h"
#include "libc/calls/sigbits.h"
#include "libc/calls/strace.internal.h"
#include "libc/dce.h"
@ -159,7 +160,7 @@ static int PrintBacktraceUsingAddr2line(int fd, const struct StackFrame *bp) {
}
static int PrintBacktrace(int fd, const struct StackFrame *bp) {
if (!IsTiny()) {
if (!IsTiny() && !__issandboxed) {
if (PrintBacktraceUsingAddr2line(fd, bp) != -1) {
return 0;
}

15
libc/log/oncrash.c
View file

@ -17,7 +17,9 @@
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/bits/weaken.h"
#include "libc/calls/calls.h"
#include "libc/calls/internal.h"
#include "libc/calls/issandboxed.h"
#include "libc/calls/sigbits.h"
#include "libc/calls/strace.internal.h"
#include "libc/calls/struct/sigaction.h"
@ -198,8 +200,10 @@ relegated void ShowCrashReport(int err, int sig, struct siginfo *si,
names.version[0] = 0;
names.nodename[0] = 0;
__stpcpy(host, "unknown");
gethostname(host, sizeof(host));
uname(&names);
if (!__issandboxed) {
gethostname(host, sizeof(host));
uname(&names);
}
p = buf;
errno = err;
kprintf("%n%serror%s: Uncaught %G (%s) on %s pid %d%n"
@ -211,8 +215,8 @@ relegated void ShowCrashReport(int err, int sig, struct siginfo *si,
ctx->uc_mcontext.rsp <= GetStaticStackAddr(0) + PAGESIZE))
? "Stack Overflow"
: GetSiCodeName(sig, si->si_code),
host, __getpid(), program_invocation_name, names.sysname,
names.version, names.nodename, names.release);
host, getpid(), program_invocation_name, names.sysname, names.version,
names.nodename, names.release);
if (ctx) {
kprintf("%n");
ShowFunctionCalls(ctx);
@ -288,7 +292,8 @@ relegated noinstrument void __oncrash(int sig, struct siginfo *si,
DebugBreak();
} else if (__nocolor || g_isrunningundermake) {
gdbpid = -1;
} else if (!IsTiny() && IsLinux() && FindDebugBinary()) {
} else if (!IsTiny() && IsLinux() && FindDebugBinary() &&
!__issandboxed) {
RestoreDefaultCrashSignalHandlers();
gdbpid = AttachDebugger(
((sig == SIGTRAP || sig == SIGQUIT) &&

13
libc/log/restoretty.c
View file

@ -17,6 +17,7 @@
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/calls/calls.h"
#include "libc/calls/issandboxed.h"
#include "libc/calls/struct/termios.h"
#include "libc/calls/termios.h"
#include "libc/errno.h"
@ -51,10 +52,12 @@ const void *const g_oldtermios_ctor[] initarray = {
void __restore_tty(int fd) {
int e;
e = errno;
if (g_oldtermios.c_lflag && !__nocolor && isatty(fd)) {
write(fd, ANSI_RESTORE, strlen(ANSI_RESTORE));
tcsetattr(fd, TCSAFLUSH, &g_oldtermios);
if (!__issandboxed) {
e = errno;
if (g_oldtermios.c_lflag && !__nocolor && isatty(fd)) {
write(fd, ANSI_RESTORE, strlen(ANSI_RESTORE));
tcsetattr(fd, TCSAFLUSH, &g_oldtermios);
}
errno = e;
}
errno = e;
}