Skip to content

Commit

Permalink
executors: implement sys_renameat sandboxing for compilers
Browse files Browse the repository at this point in the history
  • Loading branch information
quantum5 committed Sep 19, 2021
1 parent 49b01bd commit c554fca
Showing 1 changed file with 17 additions and 2 deletions.
19 changes: 17 additions & 2 deletions dmoj/executors/compiled_executor.py
Original file line number Diff line number Diff line change
Expand Up @@ -122,8 +122,7 @@ def handle_execve(debugger):
sys_fallocate: ALLOW,
sys_ftruncate: ALLOW,
sys_rename: self.do_rename,
# FIXME: this doesn't validate the source nor target
sys_renameat: ALLOW,
sys_renameat: self.do_renameat,
# I/O system calls
sys_readv: ALLOW,
sys_pwrite64: ALLOW,
Expand Down Expand Up @@ -221,6 +220,22 @@ def do_rename(self, debugger: Debugger) -> bool:

return True

def do_renameat(self, debugger: Debugger) -> bool:
old_path, old_path_error = self.read_path('renameat', debugger, debugger.uarg1)
if old_path_error is not None:
return old_path_error

new_path, new_path_error = self.read_path('renameat', debugger, debugger.uarg3)
if new_path_error is not None:
return new_path_error

if not self._file_access_check(old_path, debugger, is_write=True, is_open=False, dirfd=debugger.uarg0):
return ACCESS_EPERM(debugger)
if not self._file_access_check(new_path, debugger, is_write=True, is_open=False, dirfd=debugger.uarg2):
return ACCESS_EPERM(debugger)

return True


class CompiledExecutor(BaseExecutor, metaclass=_CompiledExecutorMeta):
executable_size = env.compiler_size_limit * 1024
Expand Down

0 comments on commit c554fca

Please sign in to comment.