author Jed Davis <>
Mon, 20 Nov 2017 10:47:54 -0700
changeset 447508 3b11a0bf7ae7a7fe0ed508583cf07441b68bab78
parent 294812 31a26ed444843f086c468a98236e8c98b7115b44
child 505383 6f3709b3878117466168c40affa7bca0b60cf75b
permissions -rw-r--r--
Bug 1409895 - Deny getcwd in the Linux content process sandbox. r=gcp getcwd won't do anything useful once we start chroot()ing to remove filesystem access; with this patch it will at least fail the same way regardless of whether user namespaces are available or if other factors prevent complete FS isolation. Bonus fix: improve the comments for this group of syscalls. MozReview-Commit-ID: KueZzly2mlO

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

/* Small helper class for asserting uses of a class are non-reentrant. */

#ifndef mozilla_ReentrancyGuard_h
#define mozilla_ReentrancyGuard_h

#include "mozilla/Assertions.h"
#include "mozilla/Attributes.h"
#include "mozilla/GuardObjects.h"

namespace mozilla {

/* Useful for implementing containers that assert non-reentrancy */
class MOZ_RAII ReentrancyGuard
#ifdef DEBUG
  bool& mEntered;

  template<class T>
#ifdef DEBUG
  explicit ReentrancyGuard(T& aObj
    : mEntered(aObj.mEntered)
  explicit ReentrancyGuard(T&
#ifdef DEBUG
    mEntered = true;
#ifdef DEBUG
    mEntered = false;

  ReentrancyGuard(const ReentrancyGuard&) = delete;
  void operator=(const ReentrancyGuard&) = delete;

} // namespace mozilla

#endif /* mozilla_ReentrancyGuard_h */