def __call__(self, e, a): # handle SYSCALL/SYSRET events with local rules if e.type in (S_EVENT_SYSCALL, S_EVENT_SYSRET): if machine == 'x86_64' and e.ext0 != 0: return self._KILL_RF(e, a) return self.sc_table[e.data](e, a) # bypass other events to base class return SandboxPolicy.__call__(self, e, a)
def __call__(self, e, a): # handle SYSCALL/SYSRET events with local handlers if e.type in (S_EVENT_SYSCALL, S_EVENT_SYSRET): if MACHINE is 'x86_64' and e.ext0 is not 0: a.type, a.data = S_ACTION_KILL, S_RESULT_RF return a if e.type is 4 and e.data not in self.sc_safe[MACHINE]: self.sc_table[e.data] = self.sc_table.get(e.data, 0) + 1 a.type = S_ACTION_CONT return a # bypass other events to base class return SandboxPolicy.__call__(self, e, a)