C++程序  |  57行  |  1.85 KB

// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__
#define SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__

#include <stdint.h>

#include "base/basictypes.h"
#include "sandbox/sandbox_export.h"

namespace sandbox {

// Iterates over the entire system call range from 0..0xFFFFFFFFu. This
// iterator is aware of how system calls look like and will skip quickly
// over ranges that can't contain system calls. It iterates more slowly
// whenever it reaches a range that is potentially problematic, returning
// the last invalid value before a valid range of system calls, and the
// first invalid value after a valid range of syscalls. It iterates over
// individual values whenever it is in the normal range for system calls
// (typically MIN_SYSCALL..MAX_SYSCALL).
// If |invalid_only| is true, this iterator will only return invalid
// syscall numbers, but will still skip quickly over invalid ranges,
// returning the first invalid value in the range and then skipping
// to the last invalid value in the range.
//
// Example usage:
//   for (SyscallIterator iter(false); !iter.Done(); ) {
//     uint32_t sysnum = iter.Next();
//     // Do something with sysnum.
//   }
//
// TODO(markus): Make this a classic C++ iterator.
class SANDBOX_EXPORT SyscallIterator {
 public:
  explicit SyscallIterator(bool invalid_only)
      : invalid_only_(invalid_only), done_(false), num_(0) {}

  bool Done() const { return done_; }
  uint32_t Next();
  static bool IsValid(uint32_t num);

 private:
  static bool IsArmPrivate(uint32_t num);

  bool invalid_only_;
  bool done_;
  uint32_t num_;

  DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallIterator);
};

}  // namespace sandbox

#endif  // SANDBOX_LINUX_SECCOMP_BPF_SYSCALL_ITERATOR_H__