Open trombonehero opened 9 years ago
It would be great if the representation for this could be consistent with what we do in a vulnerability_warning
, i.e.:
{
"function": "_ZNK6SkMask16computeImageSizeEv",
"sandbox": "capsicum", // or, as would often be the case, "sandbox": null
"location": {
"file": "../../third_party/skia/src/core/SkMask.cpp",
"line": 23
},
/* ... */
"trace_ref": "!trace0"
}
Currently, SOAAP's
private_access
warnings tell us what sandbox the data being accessed was supposed to belong to (with thesandbox_private
) field. I would also like to know what sandbox the access actually occurred in.