Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <iostream>
- #include <cstdlib>
- #include <cmath>
- #include <fstream>
- #include <string>
- #include <sstream>
- #include <sys/resource.h>
- #include <sys/time.h>
- #include <unistd.h>
- #include <ctime>
- #include <mysql_connection.h>
- #include <mysql_driver.h>
- #include <cppconn/exception.h>
- #include <cppconn/resultset.h>
- #include <cppconn/statement.h>
- #include <cppconn/prepared_statement.h>
- #include <cppconn/driver.h>
- #include "seccomp-bpf.h"
- #include "seccomp.h"
- #include <sys/resource.h>
- #include <sys/types.h>
- #include <sys/wait.h>
- #include <sys/prctl.h>
- #include <sys/ptrace.h>
- #include <sys/stat.h>
- #include <fcntl.h>
- #include <errno.h>
- #include <stddef.h>
- #include <linux/audit.h>
- #include <linux/filter.h>
- #include <sys/socket.h>
- //#include <linux/seccomp.h>
- #include "pstream.h"
- #include "config.h"
- #define BUF_SIZE 256
- /*
- static int install_syscall_filter(void)
- {
- struct sock_filter filter[] = {
- VALIDATE_ARCHITECTURE,
- EXAMINE_SYSCALL,
- ALLOW_SYSCALL(rt_sigreturn),
- #ifdef __NR_sigreturn
- ALLOW_SYSCALL(sigreturn),
- #endif
- ALLOW_SYSCALL(exit_group),
- ALLOW_SYSCALL(exit),
- ALLOW_SYSCALL(read),
- ALLOW_SYSCALL(write),
- ALLOW_SYSCALL(brk),
- ALLOW_SYSCALL(access),
- ALLOW_SYSCALL(mmap),
- ALLOW_SYSCALL(open),
- ALLOW_SYSCALL(fstat),
- ALLOW_SYSCALL(mprotect),
- ALLOW_SYSCALL(close),
- ALLOW_SYSCALL(arch_prctl),
- ALLOW_SYSCALL(munmap),
- ALLOW_SYSCALL(execve),
- KILL_PROCESS,
- };
- struct sock_fprog prog = {
- .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),
- .filter = filter,
- };
- if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
- perror("prctl(NO_NEW_PRIVS)");
- goto failed;
- }
- if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
- perror("prctl(SECCOMP)");
- goto failed;
- }
- return 0;
- failed:
- if (errno == EINVAL)
- fprintf(stderr, "SECCOMP_FILTER is not available. :(\n");
- return 1;
- }
- */
- using namespace std;
- void syscall_filter_init(bool action){
- prctl (PR_SET_NO_NEW_PRIVS, 1);
- prctl (PR_SET_DUMPABLE, 0);
- scmp_filter_ctx ctx = seccomp_init (SCMP_ACT_ALLOW);
- // seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(fork), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(vfork), 0);
- // seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(clone), 1,
- // SCMP_A1 (SCMP_CMP_EQ, 0));
- // seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(kill), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(sigaction), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(unlink), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(unlinkat), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(rename), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(chdir), 0);
- seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(mkdir), 0);
- // seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(bind), 0);
- // seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(setsockopt), 0);
- /* seccomp_rule_add (ctx, SCMP_ACT_TRAP, SCMP_SYS(listen), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(execve), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(brk), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(access), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fstat), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(arch_prctl), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(munmap), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(uname), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(readlink), 0);
- */
- if(action==true) {
- seccomp_load (ctx);
- }
- else if(action==false)
- {
- seccomp_release(ctx);
- }
- /*scmp_filter_ctx ctx;
- ctx = seccomp_init(SCMP_ACT_KILL); // default action: kill
- // setup basic whitelist
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0);
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0);
- // setup our rule
- seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(dup2), 2,
- SCMP_A0(SCMP_CMP_EQ, 1),
- SCMP_A1(SCMP_CMP_EQ, 2));
- // build and load the filter
- seccomp_load(ctx);
- */
- }
- struct tm *theTime;
- //konwersja z int na string
- string konwertuj(int i) {
- ostringstream ss;
- ss << i;
- string str=ss.str();
- return str;
- }
- //dopisywanie tekstu do logów
- void dopisz(string log) {
- fstream plik;
- plik.open(LOG, ios::out|ios::app);
- plik<<endl<<log;
- plik.close();
- }
- //tworzenie katalogu submita
- string dir(int id)
- {
- string dir="sudo mkdir /POJS/result/";
- dir+=konwertuj(id);
- dir+=" && sudo chmod -R 777 /POJS/result/";
- dir+=konwertuj(id);
- return dir;
- }
- //Uzyskiwanie czasu
- string get_time() {
- time_t tim;
- time(&tim);
- theTime = localtime(&tim);
- string time="";
- time+=konwertuj(1900+(theTime->tm_year));
- time+="-";
- if(((theTime->tm_mon)+1)<10) {
- time+="0";
- time+=konwertuj((theTime->tm_mon)+1);
- }
- else {
- time+=konwertuj((theTime->tm_mon)+1);
- }
- time+="-";
- time+=konwertuj(theTime->tm_mday);
- time+=" ";
- time+=konwertuj(theTime->tm_hour);
- time+=":";
- time+=konwertuj(theTime->tm_min);
- time+=":";
- time+=konwertuj(theTime->tm_sec);
- return time;
- }
- //sprawdzanie rozszerzenia submita
- string ext(string submit) {
- int indeks=0;
- for(int i=0;i<submit.length();i++)
- {
- if(submit[i]=='.')
- {
- indeks=i;
- }
- }
- string ext="";
- for(int i=indeks+1;i<submit.length();i++)
- {
- ext+=submit[i];
- }
- return ext;
- }
- //tworzenie polecenia kompilacji
- string compile(string path, string lang, int id) {
- string comp="";
- if(lang=="cpp"){
- comp+="g++ -O2 -std=c++11 -static -lm -Wall ";
- comp+=path;
- comp+=" -o /POJS/result/";
- comp+=konwertuj(id);
- comp+="/";
- comp+=konwertuj(id);
- comp+=" 2> /tmp/comperror";
- return comp;
- }
- else if(lang=="c") {
- comp+="gcc -std=gnu99 -O2 -static -lm -Wall ";
- comp+=path;
- comp+=" -o /POJS/result/";
- comp+=konwertuj(id);
- comp+="/";
- comp+=konwertuj(id);
- comp+=" 2> /tmp/comperror";
- return comp;
- }
- else if(lang=="ml") {
- comp+="ocamlc ";
- comp+=path;
- comp+=" -o /POJS/result/";
- comp+=konwertuj(id);
- comp+="/";
- comp+=konwertuj(id);
- comp+=" 2> /tmp/comperror";
- return comp;
- }
- }
- //Tworzenie MySQL query
- string create_query(string status, int points, int id, string output) {
- string query="UPDATE submits SET status='";
- query+=status;
- query+="', points='";
- query+=konwertuj(points);
- query+="', tests='";
- query+=output;
- query+="' WHERE id='";
- query+=konwertuj(id);
- query+="';";
- return query;
- }
- string create_query_sec(string status, int points, int id, int section, string output) {
- string query="UPDATE contest";
- query+=konwertuj(section);
- query+=" SET nazwa='";
- query+=status;
- query+="', ilosc='";
- query+=konwertuj(points);
- query+="', output='";
- query+=output;
- query+="' WHERE id='";
- query+=konwertuj(id);
- query+="';";
- return query;
- }
- //Sprawdzanie poprawności wykonania kompilacji
- bool checkcomp(int id) {
- fstream exist;
- string name="/POJS/result/";
- name+=konwertuj(id);
- name+="/";
- name+=konwertuj(id);
- exist.open(name.c_str());
- bool come;
- if(exist.good()==true)
- {
- exist.close();
- come=true;
- }
- else
- {
- come=false;
- }
- name="sudo cp /tmp/comperror /POJS/result/";
- name+=konwertuj(id);
- name+="/ce.log";
- system(name.c_str());
- system("sudo rm /tmp/comperror");
- return come;
- }
- //sprawdzanie czy istnieją różnice między wzorcem, a zgłoszeniem
- bool checkdiff() {
- int lines_num=0;
- string line;
- fstream diff("/tmp/diffmerge");
- while (std::getline(diff, line))
- ++lines_num;
- if(lines_num>0)
- {
- return false;
- }
- else {
- return true;
- }
- }
- bool checkdifff() {
- int lines_num=0;
- string line;
- fstream diff("/tmp/difffault");
- while (std::getline(diff, line))
- ++lines_num;
- if(lines_num>0)
- {
- return false;
- }
- else {
- return true;
- }
- }
- //Sprawdzanie czy zaszedł while(true) z std::cout
- bool checktle(int id, int i) {
- string name="/POJS/result/";
- name+=konwertuj(id);
- name+="/";
- name+=konwertuj(i);
- name+=".out";
- struct stat filestatus;
- stat( name.c_str(), &filestatus );
- if(filestatus.st_size>100056128) {
- return true;
- }
- else {
- return false;
- }
- }
- //Sprawdzanie bezpieczeństwa programu
- bool is_danger() {
- fstream danger;
- danger.open("/tmp/dangerous", std::ios::in);
- string line;
- while ( std::getline( danger, line ) ) {
- if ( line.find( "clone" ) != std::string::npos || line.find( "vfork" ) != std::string::npos || line.find( "kill" ) != std::string::npos || line.find( "sigaction" ) != std::string::npos || line.find("setsockopt") != std::string::npos || line.find("rename") != std::string::npos || line.find("chdir") != std::string::npos || line.find("mkdir") != std::string::npos || line.find("unlink") != std::string::npos || line.find("unlinkat") != std::string::npos || line.find("bind") != std::string::npos || line.find("listen") != std::string::npos) {
- return true;
- }
- }
- return false;
- }
- //Sprawdzanie czy nie pisze się tego outputa pod rząd
- bool groupcheck(int id, int tests) {
- string diff="";
- int k=0;
- int n=0;
- for(int i=1;i<tests;i++) {
- diff="diff -w /POJS/result/";
- diff+=konwertuj(id);
- diff+="/";
- diff+=konwertuj(i);
- diff+=".out /POJS/result/";
- int k=i+1;
- diff+=konwertuj(id);
- diff+="/";
- diff+=konwertuj(k);
- system("rm /tmp/difffault");
- diff+=".out > /tmp/difffault";
- system(diff.c_str());
- if(checkdifff()==true) {
- n++;
- }
- }
- if(n==tests) {
- return true;
- }
- else {
- return false;
- }
- }
- //Funkcja Główna
- int main(int argc, char ** argv)
- {
- // struct rlimit ml;
- struct rlimit rl;
- string log="Sprawdzaczka POJS uruchomiona\n";
- dopisz(log);
- if(argc>=7) //Jeżeli liczba argumentów jest większa niż 7
- {
- log="Liczba argumentów poprawna";
- dopisz(log);
- for(int i=1;i<argc;i++)
- {
- log="Argument ";
- log+=konwertuj(i);
- log+=": ";
- log+=argv[i];
- dopisz(log);
- }
- string quest=argv[1]; //kod zadania
- int id=atoi(argv[2]); //ID zgłoszenia
- string submit=argv[3]; //ścieżka do submita
- int tests=atoi(argv[4]); //liczba testów
- int time=atoi(argv[5]); //limit czasu
- int memory=atoi(argv[6]); //limit pamięci
- int section=0;
- int secid=0;
- string output="";
- if(argc==9){
- section=atoi(argv[7]);
- secid=atoi(argv[8]);
- }
- system(dir(id).c_str()); //tworzenie katalogu zgłoszenia
- string comp="";
- if(ext(submit)=="cpp") { //Jeżeli język to C++
- log="Język: C++ (.cpp)";
- dopisz(log);
- }
- else if(ext(submit)=="c") { //Jeżeli język to C
- log="Język: C (.c)";
- dopisz(log);
- }
- else if(ext(submit)=="ml") { //jeżeli język to OCaml
- log="Język OCaml (.ml)";
- dopisz(log);
- }
- else {
- log="\n==ERROR==\nBłędny Format przesłanego pliku\nKoniec pracy\n\n";
- dopisz(log);
- cout<<log;
- return 0;
- }
- log="Polecenie kompilujące:";
- log+=compile(submit, ext(submit), id);
- dopisz(log);
- log="Kompilacja Rozpoczęta!!!";
- dopisz(log);
- /* Obtain the current limits. */
- getrlimit (RLIMIT_CPU, &rl);
- /* Set a CPU limit of 3 seconds. */
- rl.rlim_cur = 3;
- setrlimit (RLIMIT_CPU, &rl);
- system(compile(submit, ext(submit), id).c_str());
- system("sudo chmod -R 777 /tmp/comperror ");
- if(checkcomp(id)==true) {
- log="Zkompilowano pomyślnie !!!\n";
- dopisz(log);
- int points=0;
- string run="";
- string diff="";
- for(int i=1;i<=tests;i++) {
- run="";
- diff="";
- run+="/POJS/result/";
- run+=konwertuj(id);
- run+="/";
- run+=konwertuj(id);
- run+="</POJS/quests/";
- run+=quest;
- run+="/";
- run+=konwertuj(i);
- run+=".in>/POJS/result/";
- run+=konwertuj(id);
- run+="/";
- run+=konwertuj(i);
- run+=".out";
- getrlimit (RLIMIT_CPU, &rl);
- rl.rlim_cur = time;
- setrlimit (RLIMIT_CPU, &rl);
- // getrlimit (RLIMIT_AS, &ml);
- // ml.rlim_cur = memory;
- // setrlimit(RLIMIT_AS, &ml);
- bool action=true;
- syscall_filter_init(action);
- system(run.c_str());
- action=false;
- syscall_filter_init(action);
- diff="diff -w /POJS/quests/";
- diff+=quest;
- diff+="/";
- diff+=konwertuj(i);
- diff+=".out /POJS/result/";
- diff+=konwertuj(id);
- diff+="/";
- diff+=konwertuj(i);
- system("rm /tmp/diffmerge");
- diff+=".out > /tmp/diffmerge";
- system(diff.c_str());
- system("chmod -R 777 /tmp/diffmerge");
- if(checktle(id, i)==true) {
- string status="TLE";
- log+="\nStatus: TLE\nPunkty:";
- log+=konwertuj(points);
- for(int k=i;k<=tests;k++) {
- output+="Test nr ";
- output+=konwertuj(k);
- output+=": 0pkt TLE <br>";
- }
- dopisz(output);
- dopisz(log);
- sql::mysql::MySQL_Driver *driver;
- sql::Connection *con;
- sql::Statement *stmt;
- sql::ResultSet *res;
- driver = sql::mysql::get_driver_instance();
- con=driver->connect("tcp://156.17.4.36:3306", "root", "Kubapat1309");
- log="Łączenie z bazą danych POJS pod ip: 156.17.4.36, Port: 3306";
- dopisz(log);
- con->setSchema("mysql");
- log="Pomyślnie przesłano dane do bazy danych";
- dopisz(log);
- stmt = con->createStatement();
- if(argc==9) {
- stmt->execute(create_query_sec(status, points, secid, section, output).c_str());
- }
- else {
- stmt->execute(create_query(status, points, id, output).c_str());
- }
- delete stmt;
- delete con;
- return 0;
- }
- system(diff.c_str());
- system("chmod -R 777 /tmp/diffmerge");
- if(checkdiff()==true) {
- output+="Test nr ";
- output+=konwertuj(i);
- output+=": ";
- int punkt=(100/tests);
- output+=konwertuj(punkt);
- output+="pkt AC <br>";
- points+=(100/tests);
- }
- else {
- output+="Test nr ";
- output+=konwertuj(i);
- output+=": ";
- output+="0pkt WA <br>";
- }
- }
- cout<<points;
- string status="";
- // if(groupcheck(id, tests)==true) {
- // points=0;
- // }
- if(points>=95)
- {
- status="AC";
- }
- else {
- status="WA";
- }
- dopisz(output);
- log+="\nStatus: ";
- log+=status;
- log+="\nPunkty:";
- log+=konwertuj(points);
- dopisz(log);
- sql::mysql::MySQL_Driver *driver;
- sql::Connection *con;
- sql::Statement *stmt;
- sql::ResultSet *res;
- driver = sql::mysql::get_driver_instance();
- con=driver->connect("tcp://156.17.4.36:3306", "root", "Kubapat1309");
- log="Łączenie z bazą danych POJS pod ip: 156.17.4.36, Port: 3306";
- dopisz(log);
- con->setSchema("mysql");
- log="Pomyślnie przesłano dane do bazy danych\n\nKoniec Pracy\n";
- dopisz(log);
- stmt = con->createStatement();
- if(argc==9) {
- stmt->execute(create_query_sec(status, points, secid, section, output).c_str());
- }
- else {
- stmt->execute(create_query(status, points, id, output).c_str());
- }
- delete stmt;
- delete con;
- return 0;
- }
- else if(checkcomp(id)==false) {
- log="\n==ERROR==\nKompilacja nie powiodła się\n";
- dopisz(log);
- cout<<log;
- sql::mysql::MySQL_Driver *driver;
- sql::Connection *con;
- sql::Statement *stmt;
- sql::ResultSet *res;
- driver = sql::mysql::get_driver_instance();
- con=driver->connect("tcp://156.17.4.36:3306", "root", "Kubapat1309");
- log="Łączenie z bazą danych POJS pod ip: 156.17.4.36, Port: 3306";
- dopisz(log);
- con->setSchema("mysql");
- log="Pomyślnie przesłano dane do bazy danych";
- dopisz(log);
- log="ID:";
- log+=konwertuj(id);
- log+="\nStatus: CE\nPunkty:0\n\nKoniec pracy\n";
- dopisz(log);
- cout<<log;
- stmt = con->createStatement();
- string status="CE";
- string output="ALL TESTS CE";
- int points=0;
- if(argc==9) {
- stmt->execute(create_query_sec(status, points, secid, section, output).c_str());
- }
- else {
- stmt->execute(create_query(status, points, id, output).c_str());
- }
- delete stmt;
- delete con;
- return 0;
- }
- }
- else {
- log="\n==ERROR==\nNiepoprawna liczba argumentów\nKoniec pracy\n\n";
- dopisz(log);
- cout<<log;
- return 0;
- }
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement