Sandboxing C++ Dynamic Libraries

I am wondering whether a dynamically linked library loaded through dlopen and friends can be sandboxed. The goal is to recover from an error in the library, such as a SEGFAULT, without bringing down the entire application.

Has anyone had experience in this area?

+3
3 answers

Well, generally speaking, exception handling is highly dependent on the operating system. I am going to make some assumptions and try to give some general recommendations. Please know that this is by no means an exhaustive answer, but should serve as a place to start.

I will assume that:

  • For the most part, you are interested in protecting against memory leaks.

  • Windows ( - ), dlopen ( LoadLibrary)

  • ++. mini howto dlopen ++

, , , , , * nix Windows.

( ++ ? , ) try-catch.

, (SIGSEGV, SIGFPE ..):

POSIX, sigaction...

, , . SIGSEG sigaction ( .init-), . SA_STACK, , , , SA_SIGINFO, , .

- GNU libc

++: try-catch,

try {
    Foo();
} catch (...) {
    // -
}

foo - , dll . ++ dlopen mini-howto ..

, , , .

+1

fork() , . , .

+4
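The fork() suggestion above, sketched as an added example (not code from the original answers): the library call runs in a child process, so a fatal signal kills only the child and the parent learns the outcome from waitpid(). The plugin_fn signature, call_isolated and the two stand-in entry points are assumptions made for illustration; in real use the pointer would come from dlsym().

```c
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed entry-point type; in real use the pointer comes from dlsym(). */
typedef int (*plugin_fn)(int);

enum { CALL_OK, CALL_CRASHED, CALL_ERROR };

/* Run fn(arg) in a forked child. CALL_OK: *out is the return value.
 * CALL_CRASHED: *out is the signal that killed the child. */
int call_isolated(plugin_fn fn, int arg, int *out)
{
    int fds[2], status, value = 0;
    if (pipe(fds) != 0) return CALL_ERROR;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return CALL_ERROR; }
    if (pid == 0) {                 /* child: a crash here stays here */
        close(fds[0]);
        value = fn(arg);
        ssize_t w = write(fds[1], &value, sizeof value);
        _exit(w == (ssize_t)sizeof value ? 0 : 1);  /* no atexit handlers */
    }
    close(fds[1]);
    ssize_t n = read(fds[0], &value, sizeof value);
    close(fds[0]);
    if (waitpid(pid, &status, 0) != pid) return CALL_ERROR;
    if (WIFSIGNALED(status)) { *out = WTERMSIG(status); return CALL_CRASHED; }
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0 || n != (ssize_t)sizeof value)
        return CALL_ERROR;
    *out = value;
    return CALL_OK;
}

/* Constructed stand-ins for library code: one well behaved, one faulty. */
static int good_entry(int x) { return x * 2; }
static int bad_entry(int x) { (void)x; raise(SIGSEGV); return 0; }

int main(void)
{
    int out = 0;
    int rc = call_isolated(bad_entry, 21, &out);
    printf("bad_entry:  rc=%d signal=%d\n", rc, out);
    rc = call_isolated(good_entry, 21, &out);
    printf("good_entry: rc=%d value=%d\n", rc, out);
    return 0;
}
```

In a multithreaded host only the calling thread exists in the child after fork(), so the entry point must not depend on locks held by other threads.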

segfault ? , , , .

I found this related question pointing to a CERT advisory suggesting that you don't return from the SIGSEGV handler if you want portability.

0

Source: https://habr.com/ru/post/1755112/