The Sandboxed API project (SAPI)

Generates sandboxes for C/C++ libraries automatically


Copyright 2019-2021 Google LLC.


What is Sandboxed API?

The Sandboxed API project (SAPI) makes sandboxing of C/C++ libraries less burdensome: after initial setup of security policies and generation of library interfaces, a stub API is generated, transparently forwarding calls using a custom RPC layer to the real library running inside a sandboxed environment.

Additionally, each SAPI library utilizes a tightly defined security policy, in contrast to the typical sandboxed project, where security policies must cover the total syscall/resource footprint of all its libraries.

Documentation

Developer documentation is available on the Google Developers site for Sandboxed API.

There is also a Getting Started guide.

Getting Involved

If you want to contribute, please read CONTRIBUTING.md and send us pull requests. You can also report bugs or file feature requests.

If you'd like to talk to the developers or get notified about major product updates, you may want to subscribe to our mailing list or sign up with this link.

Comments
  • Initial PFFFT Sandboxing implementation


    My project contains the original files from https://bitbucket.org/jpommier/pffft/src/default/. One mention: I have renamed the README.txt from the original project as README_pffft.txt. The current README.txt contains some observations that I made during the last stage of the implementation.

    to be continued...

  • What are the main differences between a Docker-like container and sandbox2?

    I feel that sandboxed-api/sandbox2 is mainly a subset of Docker-like containers; containers have more features, like CRI for k8s.

    If I'm wrong, could you explain it in detail?

  • How to ensure the seccomp policies are effective?

    1. I know the PolicyBuilder supplies a lot of allow rules, but which rules should I choose to ensure safety?
    2. The AllowSystemMalloc interface is implemented in a very complex way: it not only limits the system calls but also limits the args. Why? What references do you have? Or do you have some evidence?
  • Receiving TLV value failed when using the example

    I tested the curl example1 on Debian 10 and it has UNAVAILABLE: Receiving TLV value failed?

    [email protected]:/home/user/sandbox/sandboxed-api/oss-internship-2020/curl/build/examples# ./example1
    E20210105 04:15:27.784305 1281 monitor.cc:755] SANDBOX VIOLATION : PID: 1285, PROG: 'memfd:curl_sapi.bin (deleted)' : [X86-64] sysinfo [99](0x7ffc1e6c3270) IP: 0x7f0ffdccb137, STACK: 0x7ffc1e6c3268
    [mounts.cc : 230] RAW: Inserting /lib with the same value twice
    E20210105 04:15:27.936887 1278 example1.cc:81] Example1 failed: UNAVAILABLE: Receiving TLV value failed

  • Can't install library using cmake and make install


    My workspace configurations are the following: Kubuntu 20.04, GNU GCC 9.3, CMake 3.16.3.

    I tried to build and install the library using CMake. For that I ran the following commands:

    cmake .
    make
    make install
    

    The build was successful, but when I ran make install, it did nothing but print the following: Screenshot_20200604_164104

    As far as I understand, make install should've put header files and shared objects into the /usr/local folder by default, isn't that right? If so, how can I fix this issue?

  • Fails to build using clang


    [412/505] Building CXX object sandboxed-api-build/sandboxed_api/sandbox2/CMakeFiles/sandbox2_syscall.dir/syscall_defs.cc.o
    FAILED: sandboxed-api-build/sandboxed_api/sandbox2/CMakeFiles/sandbox2_syscall.dir/syscall_defs.cc.o 
    /usr/bin/clang++ -DGOOGLE_GLOG_DLL_DECL="" -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/absl-src -I/home/user/sandboxed-api/build/contrib/turbojpeg/sandboxed-api-build -I/home/user/sandboxed-api -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/protobuf-src/src -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/glog-build -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/glog-src/src -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/gflags-build/include -I/home/user/sandboxed-api/build/contrib/turbojpeg/_deps/gflags-build -fsanitize=address,undefined -g -fcolor-diagnostics -fno-exceptions -Wno-deprecated -Wframe-larger-than=40960 -Wno-deprecated-declarations -Wno-psabi -std=gnu++17 -MD -MT sandboxed-api-build/sandboxed_api/sandbox2/CMakeFiles/sandbox2_syscall.dir/syscall_defs.cc.o -MF sandboxed-api-build/sandboxed_api/sandbox2/CMakeFiles/sandbox2_syscall.dir/syscall_defs.cc.o.d -o sandboxed-api-build/sandboxed_api/sandbox2/CMakeFiles/sandbox2_syscall.dir/syscall_defs.cc.o -c /home/user/sandboxed-api/sandboxed_api/sandbox2/syscall_defs.cc
    In file included from /home/user/sandboxed-api/sandboxed_api/sandbox2/syscall_defs.cc:1:
    In file included from /home/user/sandboxed-api/sandboxed_api/sandbox2/syscall_defs.h:10:
    In file included from /home/user/sandboxed-api/build/contrib/turbojpeg/_deps/absl-src/absl/strings/string_view.h:30:
    In file included from /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../include/c++/11/algorithm:74:
    In file included from /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../include/c++/11/pstl/glue_algorithm_defs.h:13:
    In file included from /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../include/c++/11/functional:54:
    In file included from /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../include/c++/11/tuple:39:
    /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../include/c++/11/array:268:52: fatal error: instantiating fold expression with 334 arguments exceeded expression nesting limit of 256
          -> array<enable_if_t<(is_same_v<_Tp, _Up> && ...), _Tp>,
                               ~~~~~~~~~~~~~~~~~~~~~~~~^~~~
    /home/user/sandboxed-api/sandboxed_api/sandbox2/syscall_defs.cc:155:22: note: while substituting deduced template arguments into function template '<deduction guide for array>' [with _Tp = sandbox2::SyscallTable::Entry, _Up = <sandbox2::SyscallTable::Entry, ...>]
    
  • Does the framework support long-lived child processes?

    We want to use the library to call a third-party SDK, and the SDK process will live the whole time the task is ongoing, and there will be multiple process instances to do the task. Can the sandbox SDK support this case?

  • Code generator cannot generate header with libclang 9 installed

    Building on Debian 10 "Buster". Shout out to #29, which will also touch this.

    Confirmed working with:

    • libclang1-6.0/libclang-6.0-dev
    • libclang1-7/libclang-7-dev

    Could not test with version 8.

    With libclang1-9/libclang-9-dev, build fails with:

    $ ninja                                                                      
    [658/688] Generating interface                                                                                          
    FAILED: sandboxed_api/examples/sum/lib/sum-sapi.sapi.h                                                                 
    cd /home/REDACTED/sandboxed-api_cb_build/sandboxed_api/examples/sum/lib && /usr/bin/python3.7 -B /home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/sapi_generator.py --sapi_name=Sum --sapi_out=sum-sapi.sapi.h --sapi_embed_dir=/home/REDACTED/sandboxed-api_cb_build/sandboxed_api/examples/sum/lib --sapi_embed_name=sum-sapi --sapi_functions=sum,sums,addf,sub,mul,divs,muld,crash,violate,sumarr,testptr,read_int,sleep_for_sec,sumproto --sapi_ns= --sapi_in=/home/REDACTED/sandboxed-api_cb/sandboxed_api/examples/sum/lib/sum.c,/home/REDACTED/sandboxed-api_cb/sandboxed_api/examples/sum/lib/sum_cpp.cc
    Traceback (most recent call last):            
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/sapi_generator.py", line 73, in <module>                                                                                                                             
        app.run(main)                       
      File "/home/nomad/.local/lib/python3.7/site-packages/absl/app.py", line 299, in run
        _run_main(main, args)
      File "/home/nomad/.local/lib/python3.7/site-packages/absl/app.py", line 250, in _run_main
        sys.exit(main(argv))
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/sapi_generator.py", line 62, in main
        FLAGS.sapi_embed_dir, FLAGS.sapi_embed_name)
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/code.py", line 725, in generate
        related_types = self._get_related_types(function_names) 
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/code.py", line 784, in _get_related_types
        for f in self._get_functions(func_names):
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/code.py", line 751, in _get_functions
        f for f in translation_unit.get_functions()
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/code.py", line 605, in get_functions
        self._process()
      File "/home/REDACTED/sandboxed-api_cb/sandboxed_api/tools/generator2/code.py", line 582, in _process
        if cursor.kind.is_declaration():
      File "/usr/local/lib/python3.7/dist-packages/clang/cindex.py", line 1517, in kind
        return CursorKind.from_id(self._kind_id)
      File "/usr/local/lib/python3.7/dist-packages/clang/cindex.py", line 636, in from_id
        raise ValueError('Unknown template argument kind %d' % id)
    ValueError: Unknown template argument kind 440
    
  • Build error due to CMake problem


    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gtest" because another target with the
      same name already exists.  The existing target is a static library created
      in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googletest".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:131 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gtest_main" because another target with
      the same name already exists.  The existing target is a static library
      created in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googletest".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:133 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:146 (target_link_libraries):
      Attempt to add link library "gtest" to target "gtest_main" which is not
      built in this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gmock" because another target with the
      same name already exists.  The existing target is a static library created
      in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googlemock".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:101 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:102 (target_link_libraries):
      Attempt to add link library "gtest" to target "gmock" which is not built in
      this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gmock_main" because another target with
      the same name already exists.  The existing target is a static library
      created in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googlemock".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:104 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:105 (target_link_libraries):
      Attempt to add link library "gmock" to target "gmock_main" which is not
      built in this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
  • Don't accidentally generate trigraphs in filewrapper

    When trying out this library, I ran into the problem of the sandboxee crashing with the following error on optimized builds (debug builds worked fine):

    [comms.cc : 561] RAW: read: Connection reset by peer [104]
    [forkserver.cc : 96] RAW: Receiving init PID from the ForkServer failed
    WARNING: Logging before InitGoogleLogging() is written to STDERR
    E0325 13:18:53.440409 13504 executor.cc:157] Could not obtain init PID
    [comms.cc : 535] RAW: write: Bad file descriptor [9]
    [forkserver.cc : 68] RAW: Sending PB to the ForkServer failed
    

    I traced the problem down to a SIGSEGV when spawning the embedded child, and the problem turned out to be that parts of the embedded data were interpreted as trigraphs by gcc. This PR fixes this problem by emitting \? instead of ? in the filewrapper.
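
The failure mode described in the post above, as an added example (not code from the PR or from the project's filewrapper): a hypothetical literal emitter, a trigraph counter and a small decoder that applies trigraph replacement before escape processing, run over a constructed byte sample. All function names and the sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: binary-looking bytes that happen to contain trigraph
 * spellings. Question marks are written as separate char constants so this
 * file itself contains no trigraph. */
static const unsigned char kSample[] = {
    0x7f, 'E', 'L', 'F', '?', '?', '/', 0x00,
    '?',  '?', '=', '"', '?', '?', '?', '>'};

/* Third character of each of the nine trigraphs, and its replacement. */
static const char kTriFrom[] = "=/'()!<>-";
static const char kTriTo[]   = "#\\^[]|{}~";

/* Emit the body of a C string literal for data[0..len). With escape_qmark
 * set, every question mark is written as backslash + question mark (the fix
 * described in the post). Returns the text length, or (size_t)-1 if out is
 * too small. */
size_t emit_literal(const unsigned char *data, size_t len, int escape_qmark,
                    char *out, size_t cap) {
    size_t o = 0;
    if (cap == 0) return (size_t)-1;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = data[i];
        char buf[8];
        int n;
        if (c == '"' || c == '\\' || (c == '?' && escape_qmark))
            n = snprintf(buf, sizeof buf, "\\%c", c);
        else if (c >= 0x20 && c < 0x7f)
            n = snprintf(buf, sizeof buf, "%c", c);
        else
            n = snprintf(buf, sizeof buf, "\\%03o", (unsigned)c);
        if (o + (size_t)n + 1 > cap) return (size_t)-1;
        memcpy(out + o, buf, (size_t)n);
        o += (size_t)n;
    }
    out[o] = '\0';
    return o;
}

/* Number of trigraph sequences in a piece of C source text. */
size_t count_trigraphs(const char *src) {
    size_t n = 0;
    for (size_t i = 0; src[i] && src[i + 1] && src[i + 2]; i++)
        if (src[i] == '?' && src[i + 1] == '?' && strchr(kTriFrom, src[i + 2]))
            n++;
    return n;
}

/* Decode literal text the way a compiler with trigraphs enabled would:
 * trigraph replacement first, then escape sequences. Handles only the
 * escapes emit_literal produces. Returns the number of bytes decoded. */
size_t decode_literal(const char *src, unsigned char *out, size_t cap) {
    char tmp[256];
    size_t t = 0, o = 0;
    for (size_t i = 0; src[i] && t + 1 < sizeof tmp; i++) {
        const char *hit = NULL;
        if (src[i] == '?' && src[i + 1] == '?' && src[i + 2])
            hit = strchr(kTriFrom, src[i + 2]);
        if (hit) { tmp[t++] = kTriTo[hit - kTriFrom]; i += 2; }
        else     tmp[t++] = src[i];
    }
    tmp[t] = '\0';
    for (size_t i = 0; i < t && o < cap; i++) {
        if (tmp[i] != '\\' || i + 1 >= t) { out[o++] = (unsigned char)tmp[i]; continue; }
        i++;                                   /* character after the backslash */
        if (tmp[i] >= '0' && tmp[i] <= '7') {  /* octal escape, at most 3 digits */
            unsigned v = 0;
            int digits = 0;
            while (digits < 3 && i < t && tmp[i] >= '0' && tmp[i] <= '7') {
                v = v * 8 + (unsigned)(tmp[i] - '0');
                i++;
                digits++;
            }
            i--;
            out[o++] = (unsigned char)v;
        } else {
            out[o++] = (unsigned char)tmp[i];  /* escaped quote, backslash or question mark */
        }
    }
    return o;
}

/* 1 if data survives emit -> compiler-like decode unchanged, else 0. */
int roundtrips(const unsigned char *data, size_t len, int escape_qmark) {
    char text[256];
    unsigned char back[256];
    if (emit_literal(data, len, escape_qmark, text, sizeof text) == (size_t)-1)
        return 0;
    size_t n = decode_literal(text, back, sizeof back);
    return n == len && memcmp(back, data, len) == 0;
}

/* Trigraph count in the literal emitted for the constructed sample. */
size_t sample_trigraphs(int escape_qmark) {
    char text[256];
    if (emit_literal(kSample, sizeof kSample, escape_qmark, text, sizeof text) == (size_t)-1)
        return (size_t)-1;
    return count_trigraphs(text);
}

int main(void) {
    printf("unescaped: %zu trigraphs, round-trips=%d\n",
           sample_trigraphs(0), roundtrips(kSample, sizeof kSample, 0));
    printf("escaped:   %zu trigraphs, round-trips=%d\n",
           sample_trigraphs(1), roundtrips(kSample, sizeof kSample, 1));
    return 0;
}
```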

  • Sandbox2 does not work in Docker Container if it runs without --privileged flag

    Hi colleagues!

    I want to use sandbox2 inside a Docker container. To understand what capabilities I need to use, I have built the tool (sandboxed_api/sandbox2/examples/tool) and want to run it inside a container.

    Dockerfile:

    FROM mcr.microsoft.com/devcontainers/cpp:ubuntu-22.04
    COPY sandbox2tool sandbox2tool

    How I tried to run the Docker container, and it did not work:

    1. docker run --cap-add CAP_SYS_ADMIN --cap-add CAP_NET_ADMIN -it sandbox_img /bin/bash
    2. docker run --rm -it --cap-add=ALL -it sandbox_img /bin/bash
    3. docker run --rm -it --cap-add=ALL --security-opt apparmor=unconfined -it sandbox_img /bin/bash

    Error:

    root ➜ / $ ./sandbox2tool /bin/sh
    [global_forkclient.cc : 121] RAW: Starting global forkserver
    [namespace.cc : 353] RAW: Check syscall(__NR_pivot_root, kSandbox2ChrootPath, realroot_path.c_str()) != -1 failed: pivot root: Operation not permitted [1]
    [forkserver.cc : 594] RAW: Check TEMP_FAILURE_RETRY(read(fds[1], &unused, 1)) == 1 failed: synchronizing initial namespaces creation: No such file or directory [2]
    E1124 11:12:41.759428 57 fork_client.cc:61] Receiving init PID from the ForkServer failed
    E1124 11:12:41.759502 57 global_forkclient.cc:276] Global forkserver connection terminated
    [global_forkclient.cc : 199] RAW: forkserver (pid=58) terminated by signal 6
    E1124 11:12:41.759627 56 sandbox2tool.cc:235] Sandbox failed
    E1124 11:12:41.759695 56 sandbox2tool.cc:241] Sandbox error: SETUP_ERROR - Code: FAILED_SUBPROCESS

    If I run the Docker image with the --privileged flag, it works without any issue.

  • Build errors with libtooling-based generator


    [1/13] Generating interface
    FAILED: contrib/libxslt/libxslt_sapi.sapi.h /home/user/sandboxed-api/build/contrib/libxslt/libxslt_sapi.sapi.h 
    cd /home/user/sandboxed-api/build/contrib/libxslt && /home/user/sandboxed-api/build/sandboxed_api/tools/clang_generator/sapi_generator_tool -p /home/user/sandboxed-api/build/contrib/libxslt --sapi_name=LibXSLT --sapi_out=libxslt_sapi.sapi.h --sapi_embed_dir=/home/user/sandboxed-api/build/contrib/libxslt --sapi_embed_name=libxslt_sapi --sapi_functions=xmlInitParser,sapi_xsltParseStylesheetDoc,xmlReadFd,xsltApplyStylesheet,xsltSaveResultToFile,xsltFreeStylesheet,xmlFreeDoc,xmlSaveToFd,xmlSaveDoc,xmlSaveFlush,xmlSaveClose --sapi_ns=sapi::contrib::libxslt /home/user/sandboxed-api/contrib/libxslt/wrapper.h
    In file included from /home/user/sandboxed-api/contrib/libxslt/wrapper.h:4:
    In file included from /usr/include/libxml2/libxml/SAX.h:15:
    /usr/include/stdio.h:33:10: fatal error: 'stddef.h' file not found
    #include <stddef.h>
             ^~~~~~~~~~
    1 error generated.
    Error while processing /home/user/sandboxed-api/contrib/libxslt/wrapper.h.
    header generation failed
    

    It looks like libtooling isn’t finding stddef.h, which is under /usr/lib/gcc/x86_64-redhat-linux/11/include on my system.

  • Fedora: cannot build jsonnet


    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gtest" because another target with the
      same name already exists.  The existing target is a static library created
      in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googletest".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:131 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gtest_main" because another target with
      the same name already exists.  The existing target is a static library
      created in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googletest".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:133 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/CMakeLists.txt:146 (target_link_libraries):
      Attempt to add link library "gtest" to target "gtest_main" which is not
      built in this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gmock" because another target with the
      same name already exists.  The existing target is a static library created
      in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googlemock".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:101 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:102 (target_link_libraries):
      Attempt to add link library "gtest" to target "gmock" which is not built in
      this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:152 (add_library):
      add_library cannot create target "gmock_main" because another target with
      the same name already exists.  The existing target is a static library
      created in source directory
      "/home/user/sandboxed-api/build/_deps/googletest-src/googlemock".  See
      documentation for policy CMP0002 for more details.
    Call Stack (most recent call first):
      build/_deps/jsonnet-build/googletest-src/googletest/cmake/internal_utils.cmake:209 (cxx_library_with_type)
      build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:104 (cxx_library)
    
    
    CMake Error at build/_deps/jsonnet-build/googletest-src/googlemock/CMakeLists.txt:105 (target_link_libraries):
      Attempt to add link library "gmock" to target "gmock_main" which is not
      built in this directory.
    
      This is allowed only when policy CMP0079 is set to NEW.
    
    
    
  • Undefined symbol errors in c-blosc


    [329/428] Linking C executable _deps/libblosc-build/tests/test_api
    FAILED: _deps/libblosc-build/tests/test_api 
    : && /usr/bin/clang -O3 -DNDEBUG -rdynamic _deps/libblosc-build/tests/CMakeFiles/test_api.dir/test_api.c.o -o _deps/libblosc-build/tests/test_api -L/home/user/sandboxed-api/build/_deps/libblosc-build/blosc _deps/libblosc-build/blosc/libblosc_testing.so && :
    ld: error: _deps/libblosc-build/blosc/libblosc_testing.so: undefined reference to compress2 [--no-allow-shlib-undefined]
    ld: error: _deps/libblosc-build/blosc/libblosc_testing.so: undefined reference to uncompress [--no-allow-shlib-undefined]
    clang-13: error: linker command failed with exit code 1 (use -v to see invocation)
    [334/428] Building C object _deps/libblosc-build/blosc/CMakeFiles/blosc_static.dir/__/internal-complibs/zstd-1.5.0/compress/zstd_lazy.c.o
    ninja: build stopped: subcommand failed.
    
  • fd_set causes code generator to generate bogus code

    If a function uses fd_set as an argument, the generator generates bogus and syntactically incorrect code. It should fail with a better error message instead.
