Commit graph

5 commits

Author SHA1 Message Date
Miklos Vajna
b8bd1990aa Rework LOOLProtocol::tokenize() to return a StringVector object
The bulk of this commit just changes std::vector<std::string> to
StringVector when we deal with tokens from a websocket message.

The less boring part of it is the new StringVector class, which is a
wrapper around std::vector<std::string>, and provides the same API,
except that operator[] returns a string, not a string&, and this allows
returning an empty string in case that prevents reading past the end of
the underlying array.

This means in case client code forgets to check size() before invoking
operator[], we don't crash. (See the ~3 previous commits which fixed
such crashes.)

Later the ctor could be changed to take a single underlying string to
avoid lots of tiny allocations, that's not yet done in this commit.

Change-Id: I8a6082143a8ac0b65824f574b32104d7889c184f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89687
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-02-28 16:07:56 +01:00
Ashod Nakashian
3158d4c31c wsd: always use signal-safe calls
The async-signal-safe functions to get thread-id
and thread-name, which cache the results, are
faster, cleaner, and signal-safe. No reason why
we shouldn't always use them.

Especially since it appears the logic was
inverted in Log::prefix, such that the signal
un-safe calls were made during signal-handling,
and the safe ones were called otherwise!

Instead of passing the signal-safe flag to
Log::prefix, we pass the buffer size, for
improved security.

Furthermore, reduce header dependencies
and reduce clutter.

Change-Id: I697689b2f0a290b6d8cce4babc3ac1e576141da6
2018-10-16 20:12:23 -04:00
Andras Timar
ad8bffa04a configure option to disable SECCOMP
Change-Id: I8120674b60d388a3f85190631469a112c4af9266
Reviewed-on: https://gerrit.libreoffice.org/39408
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
2017-07-03 11:43:01 +02:00
Ashod Nakashian
92d29b1ce7 wsd: support setting process rlimits
Change-Id: I7117e6843d2ebc919d7d2303cc593de888cc54b1
Reviewed-on: https://gerrit.libreoffice.org/38672
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2017-06-12 06:17:21 +02:00
Michael Meeks
7f4f752667 Initial seccomp work.
Add a list of unhelpful looking system calls to improve containment.

Change-Id: I2e4bf3e0a6a752d427299728663d17120586bb10
2017-04-28 14:26:21 +01:00