Skip to content

Commit

Permalink
Update .clang-format and apply to existing files. (#558)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tnek
tnek committed Jun 15, 2021
1 parent d026989 commit d2b6c2b
Show file tree
Hide file tree
Showing 97 changed files with 1,367 additions and 1,407 deletions.
26 changes: 18 additions & 8 deletions .clang-format
View file
@@ -1,22 +1,32 @@
Language: ObjC
BasedOnStyle: Google
Language: Cpp
Standard: Cpp11

# Disable ColumnLimit because it causes some very weird line breaks.
# For ObjC the limit is 100
# For Cpp the limit is 80
ColumnLimit: 0
IndentWidth: 2
ObjCBlockIndentWidth: 2
ContinuationIndentWidth: 2

# For ObjC, the line limit is 100
ColumnLimit: 100

# Allow short case statements to be on a single line
AllowShortCaseLabelsOnASingleLine: true

# Ban short loops and functions on a single line
AllowShortLoopsOnASingleLine: false
AllowShortFunctionsOnASingleLine: false
AllowShortFunctionsOnASingleLine: Inline

# Allow spaces in NSArray/NSDictionary literals @[ and @{
SpacesInContainerLiterals: true

# For pointers, always put the * next to the variable name.
DerivePointerAlignment: false
PointerAlignment: Right


---
Language: Cpp
Standard: Cpp11

BasedOnStyle: Google

# For C++, the line limit is 80
ColumnLimit: 80
8 changes: 5 additions & 3 deletions Fuzzing/santacache/src/main.cpp
View file
Expand Up @@ -14,10 +14,11 @@

#include <SantaCache.h>

#include <iostream>
#include <cstdint>
#include <iostream>

extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data, std::size_t size) {
extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data,
std::size_t size) {
static SantaCache<uint64_t, uint64_t> decision_cache(5000, 2);

std::uint64_t fields[2] = {};
Expand All @@ -33,7 +34,8 @@ extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data, std::size_t size
auto returned_value = decision_cache.get(fields[0]);

if (returned_value != fields[1]) {
std::cout << fields[0] << ", " << fields[1] << " -> " << returned_value << "\n";
std::cout << fields[0] << ", " << fields[1] << " -> " << returned_value
<< "\n";
return 1;
}

Expand Down
6 changes: 3 additions & 3 deletions Fuzzing/santactl/src/main.mm
View file
Expand Up @@ -12,13 +12,13 @@
/// See the License for the specific language governing permissions and
/// limitations under the License.

#include <iostream>
#include <cstdint>
#include <iostream>
#include <vector>

#include <SNTCommandSyncConstants.h>
#include <SNTCommandSyncRuleDownload.h>
#include <SNTCommandSyncState.h>
#include <SNTCommandSyncConstants.h>
#include <SNTRule.h>

extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data, std::size_t size) {
Expand Down Expand Up @@ -57,6 +57,6 @@
std::cerr << "Rule: " << [[rule description] UTF8String] << "\n";
}
}

return 0;
}
33 changes: 18 additions & 15 deletions Fuzzing/santad/src/checkCacheForVnodeID.mm
View file
Expand Up @@ -12,8 +12,8 @@
/// See the License for the specific language governing permissions and
/// limitations under the License.

#include <iostream>
#include <cstdint>
#include <iostream>

#import <MOLXPCConnection/MOLXPCConnection.h>

Expand All @@ -23,15 +23,14 @@

extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data, std::size_t size) {
if (size > 16) {
std::cerr << "Invalid buffer size of " << size
<< " (should be <= 16)" << std::endl;
std::cerr << "Invalid buffer size of " << size << " (should be <= 16)" << std::endl;

return 1;
}

santa_vnode_id_t vnodeID = {};
std::memcpy(&vnodeID, data, size);

MOLXPCConnection *daemonConn = [SNTXPCControlInterface configuredConnection];
daemonConn.invalidationHandler = ^{
printf("An error occurred communicating with the daemon, is it running?\n");
Expand All @@ -40,16 +39,20 @@

[daemonConn resume];

[[daemonConn remoteObjectProxy] checkCacheForVnodeID:vnodeID
withReply:^(santa_action_t action) {
if (action == ACTION_RESPOND_ALLOW) {
std::cerr << "File exists in [whitelist] kernel cache" << std::endl;;
} else if (action == ACTION_RESPOND_DENY) {
std::cerr << "File exists in [blacklist] kernel cache" << std::endl;;
} else if (action == ACTION_UNSET) {
std::cerr << "File does not exist in cache" << std::endl;;
}
}];

[[daemonConn remoteObjectProxy]
checkCacheForVnodeID:vnodeID
withReply:^(santa_action_t action) {
if (action == ACTION_RESPOND_ALLOW) {
std::cerr << "File exists in [whitelist] kernel cache" << std::endl;
;
} else if (action == ACTION_RESPOND_DENY) {
std::cerr << "File exists in [blacklist] kernel cache" << std::endl;
;
} else if (action == ACTION_UNSET) {
std::cerr << "File does not exist in cache" << std::endl;
;
}
}];

return 0;
}
2 changes: 1 addition & 1 deletion Fuzzing/santad/src/databaseRemoveEventsWithIDs.mm
View file
Expand Up @@ -12,8 +12,8 @@
/// See the License for the specific language governing permissions and
/// limitations under the License.

#include <iostream>
#include <cstdint>
#include <iostream>

#import <MOLXPCConnection/MOLXPCConnection.h>

Expand Down
38 changes: 19 additions & 19 deletions Fuzzing/santad/src/databaseRuleAddRules.mm
View file
Expand Up @@ -12,8 +12,8 @@
/// See the License for the specific language governing permissions and
/// limitations under the License.

#include <iostream>
#include <cstdint>
#include <iostream>

#import <MOLXPCConnection/MOLXPCConnection.h>

Expand All @@ -34,9 +34,8 @@

extern "C" int LLVMFuzzerTestOneInput(const std::uint8_t *data, std::size_t size) {
if (size > sizeof(InputData)) {
std::cerr << "Invalid buffer size of " << size
<< " (should be <= " << sizeof(InputData)
<< ")" << std::endl;
std::cerr << "Invalid buffer size of " << size << " (should be <= " << sizeof(InputData) << ")"
<< std::endl;

return 1;
}
Expand All @@ -45,29 +44,30 @@
std::memcpy(&input_data, data, size);

SNTRule *newRule = [[SNTRule alloc] init];
newRule.state = (SNTRuleState) input_data.state;
newRule.type = (SNTRuleType) input_data.type;
newRule.state = (SNTRuleState)input_data.state;
newRule.type = (SNTRuleType)input_data.type;
newRule.shasum = @(input_data.hash);
newRule.customMsg = @"";

MOLXPCConnection *daemonConn = [SNTXPCControlInterface configuredConnection];
daemonConn.invalidationHandler = ^{
printf("An error occurred communicating with the daemon, is it running?\n");
exit(1);
};

[daemonConn resume];
[[daemonConn remoteObjectProxy] databaseRuleAddRules:@[newRule]
cleanSlate:NO
reply:^(NSError *error) {
if (!error) {
if (newRule.state == SNTRuleStateRemove) {
printf("Removed rule for SHA-256: %s.\n", [newRule.shasum UTF8String]);
} else {
printf("Added rule for SHA-256: %s.\n", [newRule.shasum UTF8String]);
}
}
}];

[[daemonConn remoteObjectProxy]
databaseRuleAddRules:@[ newRule ]
cleanSlate:NO
reply:^(NSError *error) {
if (!error) {
if (newRule.state == SNTRuleStateRemove) {
printf("Removed rule for SHA-256: %s.\n", [newRule.shasum UTF8String]);
} else {
printf("Added rule for SHA-256: %s.\n", [newRule.shasum UTF8String]);
}
}
}];

return 0;
}
52 changes: 27 additions & 25 deletions Source/common/SNTBlockMessage.m
View file
Expand Up @@ -23,26 +23,27 @@ @implementation SNTBlockMessage

+ (NSAttributedString *)attributedBlockMessageForEvent:(SNTStoredEvent *)event
customMessage:(NSString *)customMessage {
NSString *htmlHeader = @"<html><head><style>"
@"body {"
@" font-family: 'Lucida Grande', 'Helvetica', sans-serif;"
@" font-size: 13px;"
@" color: %@;"
@" text-align: center;"
@"}"

// Supported in beta WebKit. Not sure if it is dynamic when used with NSAttributedString.
@"@media (prefers-color-scheme: dark) {"
@" body {"
@" color: #ddd;"
@" }"
@"}"
@"</style></head><body>";
NSString *htmlHeader =
@"<html><head><style>"
@"body {"
@" font-family: 'Lucida Grande', 'Helvetica', sans-serif;"
@" font-size: 13px;"
@" color: %@;"
@" text-align: center;"
@"}"

// Supported in beta WebKit. Not sure if it is dynamic when used with NSAttributedString.
@"@media (prefers-color-scheme: dark) {"
@" body {"
@" color: #ddd;"
@" }"
@"}"
@"</style></head><body>";

// Support Dark Mode. Note, the returned NSAttributedString is static and does not update when
// the OS switches modes.
NSString *mode = [NSUserDefaults.standardUserDefaults stringForKey:@"AppleInterfaceStyle"];
BOOL dark = [mode isEqualToString:@"Dark"];
BOOL dark = [mode isEqualToString:@"Dark"];
htmlHeader = [NSString stringWithFormat:htmlHeader, dark ? @"#ddd" : @"#333"];

NSString *htmlFooter = @"</body></html>";
Expand Down Expand Up @@ -90,13 +91,14 @@ + (NSString *)stringFromHTML:(NSString *)html {

// Strip any HTML tags out of the message. Also remove any content inside <style> tags and
// replace <br> elements with a newline.
NSString *stripXslt = @"<?xml version='1.0' encoding='utf-8'?>"
@"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform'"
@" xmlns:xhtml='http://www.w3.org/1999/xhtml'>"
@"<xsl:output method='text'/>"
@"<xsl:template match='br'><xsl:text>\n</xsl:text></xsl:template>"
@"<xsl:template match='style'/>"
@"</xsl:stylesheet>";
NSString *stripXslt =
@"<?xml version='1.0' encoding='utf-8'?>"
@"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform'"
@" xmlns:xhtml='http://www.w3.org/1999/xhtml'>"
@"<xsl:output method='text'/>"
@"<xsl:template match='br'><xsl:text>\n</xsl:text></xsl:template>"
@"<xsl:template match='style'/>"
@"</xsl:stylesheet>";
NSData *data = [xml objectByApplyingXSLTString:stripXslt arguments:NULL error:&error];
if (error || ![data isKindOfClass:[NSData class]]) {
return html;
Expand All @@ -115,8 +117,8 @@ + (NSURL *)eventDetailURLForEvent:(SNTStoredEvent *)event {

if (event.fileSHA256) {
formatStr =
[formatStr stringByReplacingOccurrencesOfString:@"%file_sha%"
withString:event.fileBundleHash ?: event.fileSHA256];
[formatStr stringByReplacingOccurrencesOfString:@"%file_sha%"
withString:event.fileBundleHash ?: event.fileSHA256];
}
if (event.executingUser) {
formatStr = [formatStr stringByReplacingOccurrencesOfString:@"%username%"
Expand Down
4 changes: 3 additions & 1 deletion Source/common/SNTCommonEnums.h
View file
Expand Up @@ -92,6 +92,8 @@ typedef NS_ENUM(NSInteger, SNTEventLogType) {
};

static const char *kKextPath = "/Library/Extensions/santa-driver.kext";
static const char *kSantaDPath = "/Applications/Santa.app/Contents/Library/SystemExtensions/com.google.santa.daemon.systemextension/Contents/MacOS/com.google.santa.daemon";
static const char *kSantaDPath =
"/Applications/Santa.app/Contents/Library/SystemExtensions/"
"com.google.santa.daemon.systemextension/Contents/MacOS/com.google.santa.daemon";
static const char *kSantaCtlPath = "/Applications/Santa.app/Contents/MacOS/santactl";
static const char *kSantaAppPath = "/Applications/Santa.app";
8 changes: 5 additions & 3 deletions Source/common/SNTConfigurator.h
View file
Expand Up @@ -168,8 +168,9 @@
/// Use the bundled SystemExtension on macOS 10.15+, defaults to YES.
/// Disable to continue using the bundled KEXT.
/// This is a one way switch, if this is ever true on macOS 10.15+ the KEXT will be deleted.
/// This gives admins control over the timing of switching to the SystemExtension. The intended use case is to have an MDM deliver
/// the requisite SystemExtension and TCC profiles before attempting to load.
/// This gives admins control over the timing of switching to the SystemExtension. The intended use
/// case is to have an MDM deliver the requisite SystemExtension and TCC profiles before attempting
/// to load.
///
@property(readonly, nonatomic) BOOL enableSystemExtension;

Expand Down Expand Up @@ -337,7 +338,8 @@

///
/// If true, debug logging will be enabled for all Santa components. Defaults to false.
/// Passing --debug as an executable argument will enable debug logging for that specific component.
/// Passing --debug as an executable argument will enable debug logging for that specific
/// component.
///
@property(readonly, nonatomic) BOOL enableDebugLogging;

Expand Down
10 changes: 6 additions & 4 deletions Source/common/SNTConfigurator.m
View file
Expand Up @@ -85,7 +85,8 @@ @implementation SNTConfigurator
static NSString *const kIgnoreOtherEndpointSecurityClients = @"IgnoreOtherEndpointSecurityClients";
static NSString *const kEnableDebugLogging = @"EnableDebugLogging";

static NSString *const kEnableBackwardsCompatibleContentEncoding = @"EnableBackwardsCompatibleContentEncoding";
static NSString *const kEnableBackwardsCompatibleContentEncoding =
@"EnableBackwardsCompatibleContentEncoding";

static NSString *const kFCMProject = @"FCMProject";
static NSString *const kFCMEntity = @"FCMEntity";
Expand Down Expand Up @@ -676,7 +677,7 @@ - (NSMutableDictionary *)readSyncStateFromDisk {
// Only santad should read this file.
if (geteuid() != 0) return nil;
NSMutableDictionary *syncState =
[NSMutableDictionary dictionaryWithContentsOfFile:kSyncStateFilePath];
[NSMutableDictionary dictionaryWithContentsOfFile:kSyncStateFilePath];
for (NSString *key in syncState.allKeys) {
if (self.syncServerKeyTypes[key] == [NSRegularExpression class]) {
NSString *pattern = [syncState[key] isKindOfClass:[NSString class]] ? syncState[key] : nil;
Expand All @@ -702,8 +703,9 @@ - (void)saveSyncStateToDisk {
syncState[kAllowedPathRegexKey] = [syncState[kAllowedPathRegexKey] pattern];
syncState[kBlockedPathRegexKey] = [syncState[kBlockedPathRegexKey] pattern];
[syncState writeToFile:kSyncStateFilePath atomically:YES];
[[NSFileManager defaultManager] setAttributes:@{ NSFilePosixPermissions : @0644 }
ofItemAtPath:kSyncStateFilePath error:NULL];
[[NSFileManager defaultManager] setAttributes:@{NSFilePosixPermissions : @0644}
ofItemAtPath:kSyncStateFilePath
error:NULL];
}

- (void)clearSyncState {
Expand Down
1 change: 0 additions & 1 deletion Source/common/SNTFileInfo.h
View file
Expand Up @@ -40,7 +40,6 @@
///
- (instancetype)initWithPath:(NSString *)path;


///
/// Initializer for already resolved paths.
///
Expand Down

0 comments on commit d2b6c2b

Please sign in to comment.