
哈哈!找到你啦!美味的小孩!

Yeuoly 1 gadu atpakaļ
vecāks
revīzija
adeb716cb1

+ 1 - 1
build/build.sh

@@ -1,3 +1,3 @@
 rm -rf /tmp/sandbox-python
 rm -rf internal/core/runner/python/python.so
-go build -o internal/core/runner/python/python.so -buildmode=c-shared cmd/lib/python/main.go
+go build -o internal/core/runner/python/python.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/python/main.go

+ 43 - 3
cmd/test/fuzz/main.go

@@ -2,8 +2,10 @@ package main
 
 import (
 	"fmt"
+	"io"
 	"os"
 	"os/exec"
+	"sync"
 )
 
 const (
@@ -11,11 +13,49 @@ const (
 )
 
 func main() {
+	// copy ./internal/core/runner/python/python.so to /tmp/sandbox-python/python.so
+	os.MkdirAll("/tmp/sandbox-python", 0755)
+	f1, err := os.Create("/tmp/sandbox-python/python.so")
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	f2, err := os.Open("./internal/core/runner/python/python.so")
+	if err != nil {
+		fmt.Println(err)
+		return
+	}
+	io.Copy(f1, f2)
+	f1.Close()
+	f2.Close()
+
 	for i := 0; i < SYSCALL_NUMS; i++ {
 		os.Setenv("DISABLE_SYSCALL", fmt.Sprintf("%d", i))
-		_, err := exec.Command("python3", ".test.py").Output()
-		if err != nil {
-			fmt.Printf("%d,", i)
+		var err error
+		var jobs = make(chan int, 100)
+		var wg sync.WaitGroup
+		for j := 0; j < 4; j++ {
+			wg.Add(1)
+			i := i
+			go func() {
+				defer wg.Done()
+				for range jobs {
+					if err != nil {
+						continue
+					}
+					_, err = exec.Command("python3", ".fuzz.py").Output()
+					if err != nil {
+						fmt.Println(i)
+					}
+				}
+			}()
 		}
+
+		for j := 0; j < 100; j++ {
+			jobs <- j
+		}
+
+		close(jobs)
+		wg.Wait()
 	}
 }
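Review bot: The `err` declared with `var err error` is written by four goroutines and read by all of them without synchronization (the `if err != nil` skip and the `_, err = exec.Command("python3", ".fuzz.py").Output()` assignment inside the worker closure), which is a data race that `-race` will flag and which makes the early-skip behaviour nondeterministic; guarding it with a mutex (`sync` is already imported) and recording only the first failure fixes both, as in the rewrite below. Separately, the results of `os.MkdirAll` and `io.Copy` at the top of `main` are discarded, so a failed copy goes unnoticed and the fuzz loop then runs against whatever file already sits at /tmp/sandbox-python/python.so — check them with `if _, err := io.Copy(f1, f2); err != nil { fmt.Println(err); return }` and the same pattern for `MkdirAll`. `f1` is also left open on the `os.Open` failure path; a `defer f1.Close()` right after the `os.Create` check covers it.
```go
		var err error
		var mu sync.Mutex
		// … unchanged: jobs channel and WaitGroup setup …
			go func() {
				defer wg.Done()
				for range jobs {
					mu.Lock()
					stop := err != nil
					mu.Unlock()
					if stop {
						continue
					}
					_, runErr := exec.Command("python3", ".fuzz.py").Output()
					if runErr != nil {
						mu.Lock()
						if err == nil {
							err = runErr
							fmt.Println(i)
						}
						mu.Unlock()
					}
				}
			}()
		// … unchanged: feeding jobs, close(jobs), wg.Wait() …
```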

+ 4 - 4
internal/core/lib/add_seccomp.go

@@ -13,7 +13,7 @@ import (
 	sg "github.com/seccomp/libseccomp-golang"
 )
 
-var allow_syscalls = []int{}
+//var allow_syscalls = []int{}
 
 func InitSeccomp() error {
 	disabled_syscall, err := strconv.Atoi(os.Getenv("DISABLE_SYSCALL"))
@@ -27,9 +27,9 @@ func InitSeccomp() error {
 	}
 	defer ctx.Release()
 
-	for i := 0; i < 400; i++ {
-		allow_syscalls = append(allow_syscalls, i)
-	}
+	// for i := 0; i < 400; i++ {
+	// 	allow_syscalls = append(allow_syscalls, i)
+	// }
 
 	for _, syscall := range static.ALLOW_SYSCALLS {
 		if syscall == disabled_syscall {
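Review bot: The commented-out code at `//var allow_syscalls = []int{}` and the three `// for i := 0; i < 400; i++ {` lines should be deleted rather than kept as comments; the debug loop that allowed every syscall below 400 is preserved in version control, and leftover commented code in a seccomp policy file is an invitation to re-enable it by accident. Since removing that loop is what makes `static.ALLOW_SYSCALLS` the effective allow-list, a one-line comment above the `for _, syscall := range static.ALLOW_SYSCALLS` loop such as `// DISABLE_SYSCALL is a fuzz/test hook that drops one syscall from the allow-list; it is unset in production` would help the next reader. The body of `InitSeccomp` continues outside the hunk, so how the `strconv.Atoi` error is handled when the variable is unset is not visible here.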

+ 0 - 24
internal/core/runner/python/path.go

@@ -1,24 +0,0 @@
-package python
-
-var (
-	PYTHON_RUNNER_PATH = []string{
-		"/usr/bin/python3",
-		"/usr/bin/python3.10",
-		"/usr/lib/python3/dist-packages",
-		"/usr/lib/python3.10",
-		"/usr/bin/echo",
-		// libc
-		"/lib/x86_64-linux-gnu/libc.so.6",
-		"/lib/x86_64-linux-gnu/libm.so.6",
-		"/lib/x86_64-linux-gnu/libexpat.so.1",
-		"/lib/x86_64-linux-gnu/libz.so.1",
-		"/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2",
-		"/lib/x86_64-linux-gnu/libexpat.so.1.8.7",
-		"/lib/x86_64-linux-gnu/libz.so.1.2.11",
-		"/lib64/ld-linux-x86-64.so.2",
-		// libpthread
-		"/lib/x86_64-linux-gnu/libpthread.so.0",
-		// libdl
-		"/lib/x86_64-linux-gnu/libdl.so.2",
-	}
-)

+ 6 - 3
internal/core/runner/python/python.go

@@ -29,19 +29,22 @@ var python_sandbox_fs []byte
 //go:embed python.so
 var python_lib []byte
 
-func (p *PythonRunner) Run(code string, timeout time.Duration, stdin []byte) (chan []byte, chan []byte, chan bool, error) {
+func init() {
 	// check if libpython.so exists
+	log.Info("initializing python runner environment...")
 	if _, err := os.Stat("/tmp/sandbox-python/python.so"); os.IsNotExist(err) {
 		err := os.MkdirAll("/tmp/sandbox-python", 0755)
 		if err != nil {
-			return nil, nil, nil, err
+			log.Panic("failed to create /tmp/sandbox-python")
 		}
 		err = os.WriteFile("/tmp/sandbox-python/python.so", python_lib, 0755)
 		if err != nil {
-			return nil, nil, nil, err
+			log.Panic("failed to write /tmp/sandbox-python/python.so")
 		}
 	}
+}
 
+func (p *PythonRunner) Run(code string, timeout time.Duration, stdin []byte) (chan []byte, chan []byte, chan bool, error) {
 	// create a tmp dir and copy the python script
 	temp_code_name := strings.ReplaceAll(uuid.New().String(), "-", "_")
 	temp_code_name = strings.ReplaceAll(temp_code_name, "/", ".")
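Review bot: `init` decides whether to write the embedded library with an existence check only (`os.IsNotExist(err)` after `os.Stat("/tmp/sandbox-python/python.so")`), so once any file exists at that fixed path — a stale copy from an earlier build, or, because /tmp is shared by every local account, a file another user put there first — `python_lib` is never written and the sandbox loads whatever is already on disk. That matters more in this commit, whose build.sh change alters the .so: a host that already has the old file will keep using it. Comparing the on-disk bytes with `python_lib` and rewriting on mismatch (below; needs `bytes` in the import block, which is outside the hunk) removes the stale-build problem, and writing into a directory owned by the service (`os.MkdirTemp`, or a configured state dir) instead of a fixed /tmp path removes the shared-directory concern as well. The two `log.Panic` calls also drop the underlying `err`; if the project's `log.Panic` is printf-style like the `log.Info` calls elsewhere in this commit, append `: %v`, err` to both messages.
```go
func init() {
	log.Info("initializing python runner environment...")
	// Rewrite unless the file on disk is byte-identical to the embedded library,
	// so a stale or foreign file at the fixed path is never loaded in its place.
	existing, err := os.ReadFile("/tmp/sandbox-python/python.so")
	if err == nil && bytes.Equal(existing, python_lib) {
		return
	}
	if err := os.MkdirAll("/tmp/sandbox-python", 0755); err != nil {
		log.Panic("failed to create /tmp/sandbox-python")
	}
	if err := os.WriteFile("/tmp/sandbox-python/python.so", python_lib, 0755); err != nil {
		log.Panic("failed to write /tmp/sandbox-python/python.so")
	}
}
```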

+ 4 - 0
internal/middleware/cocrrent.go

@@ -6,13 +6,16 @@ import (
 
 	"github.com/gin-gonic/gin"
 	"github.com/langgenius/dify-sandbox/internal/types"
+	"github.com/langgenius/dify-sandbox/internal/utils/log"
 )
 
 func MaxWoker(max int) gin.HandlerFunc {
 	queue := make(chan *gin.Context, max)
 
 	for i := 0; i < max; i++ {
+		i := i
 		go func() {
+			log.Info("code runner worker %d started", i)
 			for {
 				select {
 				case c := <-queue:
@@ -33,6 +36,7 @@ type MaxRequestIface struct {
 }
 
 func MaxRequest(max int) gin.HandlerFunc {
+	log.Info("setting max requests to %d", max)
 	m := &MaxRequestIface{
 		current: 0,
 		lock:    &sync.RWMutex{},

+ 1 - 1
internal/static/syscalls.go

@@ -13,7 +13,7 @@ var ALLOW_SYSCALLS = []int{
 	// thread
 	syscall.SYS_FUTEX,
 	// memory
-	syscall.SYS_MMAP, syscall.SYS_BRK, syscall.SYS_MPROTECT, syscall.SYS_MUNMAP,
+	syscall.SYS_MMAP, syscall.SYS_BRK, syscall.SYS_MPROTECT, syscall.SYS_MUNMAP, syscall.SYS_RT_SIGRETURN,
 	// user/group
 	syscall.SYS_SETUID, syscall.SYS_SETGID,
 	// process
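Review bot: `syscall.SYS_RT_SIGRETURN` is appended to the `// memory` line, but it is the signal-return syscall rather than a memory one, so the group comments that make this allow-list auditable now mislead; give it its own entry, `// signal` followed by `syscall.SYS_RT_SIGRETURN,` on the next line. If it was found by the fuzz harness added in cmd/test/fuzz in this commit, a short comment saying so would tell the next reviewer why the entry exists and which workload needs it.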