diff --git a/src/run.c b/src/run.c index 0379e52..47226ba 100644 --- a/src/run.c +++ b/src/run.c @@ -45,7 +45,7 @@ static int child_fn(void *arg); static int setup_rootfs_without_overlayfs(const ExecRequest *cfg, const char *ctr_dir); static int setup_rootfs_with_overlayfs(const ExecRequest *cfg, const char *ctr_dir); static int drop_all_caps(void); -static void set_limit(int resource, rlim_t lim); +static void set_limit(int resource, rlim_t soft, rlim_t hard); // socket helpers static int write_byte(int fd, char b); @@ -909,11 +909,11 @@ static int child_fn(void *arg) { } // setrlimits - set_limit(RLIMIT_NOFILE, cfg->max_open_files); - set_limit(RLIMIT_STACK, cfg->stack_limit_bytes); - set_limit(RLIMIT_AS, cfg->memory_limit_bytes); - set_limit(RLIMIT_FSIZE, cfg->output_limit_bytes); - set_limit(RLIMIT_CPU, (cfg->cpu_time_limit_us + 999999) / 1000000); + set_limit(RLIMIT_NOFILE, cfg->max_open_files, cfg->max_open_files); + set_limit(RLIMIT_STACK, cfg->stack_limit_bytes, cfg->stack_limit_bytes); + set_limit(RLIMIT_AS, cfg->memory_limit_bytes, cfg->memory_limit_bytes); + set_limit(RLIMIT_FSIZE, cfg->output_limit_bytes, cfg->output_limit_bytes); + set_limit(RLIMIT_CPU, (cfg->cpu_time_limit_us + 999999) / 1000000, (cfg->cpu_time_limit_us + 999999) / 1000000); // change root char *new_root = join_paths(dir, "root"); @@ -1309,10 +1309,10 @@ static int drop_all_caps(void) { return 0; } -static void set_limit(int resource, rlim_t lim) { +static void set_limit(int resource, rlim_t soft, rlim_t hard) { struct rlimit rl = { - .rlim_cur = lim, - .rlim_max = lim * 2, + .rlim_cur = soft, + .rlim_max = hard, }; setrlimit(resource, &rl); } diff --git a/tests/test_files/time_limit_exceeded.cpp b/tests/test_files/time_limit_exceeded.cpp new file mode 100644 index 0000000..b98890d --- /dev/null +++ b/tests/test_files/time_limit_exceeded.cpp @@ -0,0 +1,11 @@ +#include +using namespace std; + +int main() { + while(1) { + volatile int t = 1; + t++; + } + + return 0; +}