commit: 5053309dbac80954b98e45ba8cb6feb5c8c29712
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Feb 3 00:29:16 2025 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Feb 15 01:42:35 2025 +0000
URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=5053309d
Reorder arguments in before_syscall()
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
libsandbox/libsandbox.c | 16 ++++++++--------
libsandbox/libsandbox.h | 20 ++++++++++----------
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index ab3d955..fe44ab6 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -1078,7 +1078,7 @@ static int resolve_dirfd_path_alloc(int dirfd, const char
*path, char **resolved
return result;
}
-bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file,
int flags)
+bool before_syscall(int sb_nr, const char *func, int dirfd, const char *file,
int flags)
{
int result;
char *at_file_buf;
@@ -1132,7 +1132,7 @@ bool before_syscall(int dirfd, int sb_nr, const char
*func, const char *file, in
return result ? true : false;
}
-bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char
*file, int mode, int flags)
+bool before_syscall_access(int sb_nr, const char *func, int dirfd, const char
*file, int mode, int flags)
{
const char *ext_func;
if (mode & W_OK) {
@@ -1146,17 +1146,17 @@ bool before_syscall_access(int dirfd, int sb_nr, const
char *func, const char *f
else
/* Must be F_OK or X_OK; we do not need to check either. */
return true;
- return before_syscall(dirfd, sb_nr, ext_func, file, flags);
+ return before_syscall(sb_nr, ext_func, dirfd, file, flags);
}
-bool before_syscall_open_int(int dirfd, int sb_nr, const char *func, const
char *file, int flags)
+bool before_syscall_open_int(int sb_nr, const char *func, int dirfd, const
char *file, int flags)
{
const char *ext_func;
if ((flags & O_WRONLY) || (flags & O_RDWR))
sb_nr = SB_NR_OPEN_WR, ext_func = "open_wr";
else
sb_nr = SB_NR_OPEN_RD, ext_func = "open_rd";
- return before_syscall(dirfd, sb_nr, ext_func, file, flags);
+ return before_syscall(sb_nr, ext_func, dirfd, file, flags);
}
bool before_syscall_fd(int sb_nr, const char *func, int fd) {
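Review bot: In `before_syscall_open_int` the incoming `sb_nr` is overwritten on both branches and `func` is never read, so the wrapper's own number and name never reach `before_syscall`; only `open_wr`/`open_rd` do. Someone reading a sandbox violation report would presumably see the access class rather than the intercepted function, though how `before_syscall` uses `func` is outside this hunk. A comment above the function would record the intent, for example `/* sb_nr and func from the wrapper are replaced by the open_rd/open_wr class chosen below. */`. `before_syscall_access` (previous hunk) and `before_syscall_open_char` (the hunks at -1168 and -1186) follow the same `ext_func` pattern and could carry the same comment.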
@@ -1168,13 +1168,13 @@ bool before_syscall_fd(int sb_nr, const char *func, int
fd) {
* overkill. */
char path[sizeof("/proc/self/fd/") + 64];
snprintf(path, sizeof("/proc/self/fd/") + 64, "/proc/self/fd/%i", fd);
- return before_syscall(AT_FDCWD, sb_nr, func, path, 0);
+ return before_syscall(sb_nr, func, AT_FDCWD, path, 0);
#else
return true;
#endif
}
-bool before_syscall_open_char(int dirfd, int sb_nr, const char *func, const
char *file, const char *mode)
+bool before_syscall_open_char(int sb_nr, const char *func, int dirfd, const
char *file, const char *mode)
{
if (NULL == mode)
return false;
@@ -1186,7 +1186,7 @@ bool before_syscall_open_char(int dirfd, int sb_nr, const
char *func, const char
sb_nr = SB_NR_OPEN_RD, ext_func = "fopen_rd";
else
sb_nr = SB_NR_OPEN_WR, ext_func = "fopen_wr";
- return before_syscall(dirfd, sb_nr, ext_func, file, 0);
+ return before_syscall(sb_nr, ext_func, dirfd, file, 0);
}
typedef struct {
diff --git a/libsandbox/libsandbox.h b/libsandbox/libsandbox.h
index 1bc79bb..bb3c1a4 100644
--- a/libsandbox/libsandbox.h
+++ b/libsandbox/libsandbox.h
@@ -15,7 +15,7 @@
(!is_sandbox_on() || (test))
#define _SB_SAFE_AT(_nr, _name, _dirfd, _path, _flags) \
- __SB_SAFE(before_syscall(_dirfd, _nr, _name, _path, _flags))
+ __SB_SAFE(before_syscall(_nr, _name, _dirfd, _path, _flags))
#define SB_SAFE_AT(_dirfd, _path, _flags) \
_SB_SAFE_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
#define _SB_SAFE(_nr, _name, _path) \
@@ -24,7 +24,7 @@
SB_SAFE_AT(AT_FDCWD, _path, 0)
#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _mode, _flags) \
- __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _mode,
_flags))
+ __SB_SAFE(before_syscall_access(_nr, _name, _dirfd, _path, _mode,
_flags))
#define SB_SAFE_ACCESS_AT(_dirfd, _path, _mode, _flags) \
_SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _mode,
_flags)
#define _SB_SAFE_ACCESS(_nr, _name, _path, _mode) \
@@ -33,7 +33,7 @@
SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _mode, 0)
#define _SB_SAFE_OPEN_INT_AT(_nr, _name, _dirfd, _path, _flags) \
- __SB_SAFE(before_syscall_open_int(_dirfd, _nr, _name, _path, _flags))
+ __SB_SAFE(before_syscall_open_int(_nr, _name, _dirfd, _path, _flags))
#define SB_SAFE_OPEN_INT_AT(_dirfd, _path, _flags) \
_SB_SAFE_OPEN_INT_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
#define _SB_SAFE_OPEN_INT(_nr, _name, _path, _flags) \
@@ -42,12 +42,12 @@
SB_SAFE_OPEN_INT_AT(AT_FDCWD, _path, _flags)
#define SB_SAFE_OPEN_CHAR_AT(_dirfd, _path, _mode) \
- __SB_SAFE(before_syscall_open_char(_dirfd, WRAPPER_NR, STRING_NAME,
_path, _mode))
+ __SB_SAFE(before_syscall_open_char(WRAPPER_NR, STRING_NAME, _dirfd,
_path, _mode))
#define SB_SAFE_OPEN_CHAR(_path, _mode) \
SB_SAFE_OPEN_CHAR_AT(AT_FDCWD, _path, _mode)
#define _SB_SAFE_FD(_nr, _name, _fd) \
- __SB_SAFE(before_syscall_fd(_nr, _name, fd))
+ __SB_SAFE(before_syscall_fd(_nr, _name, _fd))
#define SB_SAFE_FD(_fd) \
_SB_SAFE_FD(WRAPPER_NR, STRING_NAME, _fd)
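Review bot: The `_SB_SAFE_FD` change from `fd` to `_fd` is a behaviour fix rather than a reorder, and the commit message does not mention it. Before this change the macro body ignored its `_fd` parameter and picked up whatever `fd` was in scope at the expansion site, so which descriptor was checked depended on the caller's variable naming. It deserves its own line in the commit body, such as `Also make _SB_SAFE_FD use its _fd parameter instead of the caller's fd.`, or a separate commit so the fix can be tracked on its own.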
@@ -56,11 +56,11 @@
#define SB_NR_IS_DEFINED(nr) (nr > SB_NR_UNDEF)
bool is_sandbox_on(void);
-bool before_syscall(int, int, const char *, const char *, int);
-bool before_syscall_access(int, int, const char *, const char *, int, int);
-bool before_syscall_open_int(int, int, const char *, const char *, int);
-bool before_syscall_open_char(int, int, const char *, const char *, const char
*);
-bool before_syscall_fd(int, const char *, int);
+bool before_syscall(int sb_nr, const char *func, int dirfd, const char *file,
int flags);
+bool before_syscall_access(int sb_nr, const char *func, int dirfd, const char
*file, int mode, int flags);
+bool before_syscall_open_int(int sb_nr, const char *func, int dirfd, const
char *file, int flags);
+bool before_syscall_open_char(int sb_nr, const char *func, int dirfd, const
char *file, const char *mode);
+bool before_syscall_fd(int sb_nr, const char *func, int fd);
enum sandbox_method_t get_sandbox_method(void);
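Review bot: The prototypes now name `flags`, but nothing says which flag namespace it carries. `before_syscall_open_int` in libsandbox.c forwards its open flags (it tests `O_WRONLY`/`O_RDWR` on the same value), while the `SB_SAFE_AT` family forwards a `_flags` argument that presumably holds `AT_*` values. On Linux the two sets share bit positions, and how `before_syscall` tells them apart is outside these hunks. A comment above the declarations would settle it, for example `/* flags: AT_* from the *_AT wrappers, O_* from before_syscall_open_int, 0 otherwise. */`, adjusted to whatever the body really expects.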