-
Notifications
You must be signed in to change notification settings - Fork 0
/
confine.c
103 lines (94 loc) · 2.56 KB
/
confine.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <signal.h>
#include <time.h>
void handler(int sig);
FILE *f;
int main(int argc, char **argv){
if(argc<2){
fprintf(stderr, "usage: %s ./binary <arg1> <arg2>...\n", argv[0]);
exit(EXIT_FAILURE);
}
f = fopen("confine_result.txt", "w");
int num_args = argc-2;
char *arguments[num_args+1];
if(argc > 2){
for(int i = 0; i<num_args; i++){
arguments[i] = (char *)*(argv+i+2);
}
}
arguments[num_args] = (char *)0;
fprintf(f, "%s", argv[1]);
for(int i = 0; i<num_args; i++){
fprintf(f, " %s ", arguments[i]);
}
struct rlimit *mem_rlim = malloc(sizeof(struct rlimit));
struct rlimit *file_rlim = malloc(sizeof(struct rlimit));;
mem_rlim->rlim_cur = 67108864;
file_rlim->rlim_cur = 417792;
mem_rlim->rlim_max = 67108864;
file_rlim->rlim_max = 417792;
pid_t pid = fork();
if(pid == 0){//in child
setrlimit(RLIMIT_AS,mem_rlim);
setrlimit(RLIMIT_FSIZE,file_rlim);
signal(SIGALRM, handler);
alarm(60);
execve(argv[1], arguments, NULL);
perror("execve failed");
exit(EXIT_FAILURE);
}
else{//in parent
int waitstatus;
int wpid = waitpid(pid, &waitstatus, 0);
if (wpid != -1) {
if ( WIFEXITED(waitstatus) ) {
int returned = WEXITSTATUS(waitstatus);
printf("Child process exited normally with status: %d\n", returned);
fprintf(f, "\n%s", "NORMAL");
}
else if ( WIFSIGNALED(waitstatus) ) {
int sig_num = WTERMSIG(waitstatus);
printf("Child process exited due to receiving WIFSIGNALED signal %d\n", sig_num);
if(sig_num == 14){//timeout
fprintf(f, "\n%s", "TIMEOUT");
exit(127);
}
else if(sig_num == 11 || sig_num == 25){//memory || file size
fprintf(f, "\n%s", "TERMINATED");
exit(127);
}
else{
fprintf(f, "\n%s", "TERMINATED");
exit(128);
}
}
else if ( WIFSTOPPED(waitstatus) ) {
int sig_num = WSTOPSIG(waitstatus);
printf("Child process stopped due to receiving WIFSTOPPED signal %d\n", sig_num);
fprintf(f, "\n%s", "TERMINATED");
exit(128);
}
else {
printf("Other error in child process\n");
fprintf(f, "\n%s", "TERMINATED");
exit(128);
}
}
else {
perror("waitpid() failed");
exit(EXIT_FAILURE);
}
}
fclose(f);
free(mem_rlim);
free(file_rlim);
return 0;
}
void handler(int sig){}