[pypy-commit] pypy sandbox-2: More fixes

arigo Tue, 27 Aug 2019 00:36:39 -0700

Author: Armin Rigo <[email protected]>
Branch: sandbox-2
Changeset: r97291:bf7d11fce803
Date: 2019-08-27 09:35 +0200
http://bitbucket.org/pypy/pypy/changeset/bf7d11fce803/


Log:    More fixes

diff --git a/pypy/module/_io/interp_fileio.py b/pypy/module/_io/interp_fileio.py
--- a/pypy/module/_io/interp_fileio.py
+++ b/pypy/module/_io/interp_fileio.py
@@ -374,7 +374,7 @@
         length = rwbuffer.getlength()
 
         target_address = lltype.nullptr(rffi.CCHARP.TO)
-        if length > 64:
+        if length > 64 and not space.config.translation.sandbox:
             try:
                 target_address = rwbuffer.get_raw_address()
             except ValueError:
@@ -394,6 +394,13 @@
         else:
             # optimized case: reading more than 64 bytes into a rwbuffer
             # with a valid raw address
+
+            # XXX note that this is not fully safe, because we don't "lock"
+            # the buffer so we can't in theory pass its raw address to 
c_read().
+            # Another thread could cause it to be freed in parallel.
+            # Without proper buffer locking, it's not going to be fixed, 
though.
+            assert not space.config.translation.sandbox
+
             got = c_read(self.fd, target_address, length)
             keepalive_until_here(rwbuffer)
             got = rffi.cast(lltype.Signed, got)
diff --git a/rpython/rlib/rposix.py b/rpython/rlib/rposix.py
--- a/rpython/rlib/rposix.py
+++ b/rpython/rlib/rposix.py
@@ -1016,6 +1016,7 @@
         debug.debug_forked(ofs)
     return childpid
 
+@sandbox_review(reviewed=True)
 @replace_os_function('openpty')
 @jit.dont_look_inside
 def openpty():
@@ -1353,6 +1354,7 @@
         c_pipe2 = external('pipe2', [INT_ARRAY_P, rffi.INT], rffi.INT,
                           save_err=rffi.RFFI_SAVE_ERRNO)
 
+@sandbox_review(reviewed=True)
 @replace_os_function('pipe')
 def pipe(flags=0):
     # 'flags' might be ignored.  Check the result.
@@ -1389,6 +1391,7 @@
         finally:
             lltype.free(filedes, flavor='raw')
 
+@sandbox_review(reviewed=True)
 def pipe2(flags):
     # Only available if there is really a c_pipe2 function.
     # No fallback to pipe() if we get ENOSYS.
@@ -1906,6 +1909,7 @@
     c_setresgid = external('setresgid', [GID_T] * 3, rffi.INT,
                            save_err=rffi.RFFI_SAVE_ERRNO)
 
+    @sandbox_review(reviewed=True)
     @replace_os_function('getresuid')
     def getresuid():
         out = lltype.malloc(UID_T_P.TO, 3, flavor='raw')
@@ -1918,6 +1922,7 @@
         finally:
             lltype.free(out, flavor='raw')
 
+    @sandbox_review(reviewed=True)
     @replace_os_function('getresgid')
     def getresgid():
         out = lltype.malloc(GID_T_P.TO, 3, flavor='raw')
diff --git a/rpython/rlib/rposix_environ.py b/rpython/rlib/rposix_environ.py
--- a/rpython/rlib/rposix_environ.py
+++ b/rpython/rlib/rposix_environ.py
@@ -169,6 +169,7 @@
             l_result = getenv(l_name)
             return traits.charp2str(l_result) if l_result else None
 
+    @sandbox_review(reviewed=True)
     def putenv_llimpl(name, value):
         l_string = traits.str2charp(name + eq + value)
         error = rffi.cast(lltype.Signed, putenv(l_string))
_______________________________________________
pypy-commit mailing list
[email protected]
https://mail.python.org/mailman/listinfo/pypy-commit

[pypy-commit] pypy sandbox-2: More fixes

Reply via email to