Skip to content

fix: test fail on venv python3.12 due to 200MB being too small and la… #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rdwj merged 5 commits into from
May 14, 2026
Merged

fix: test fail on venv python3.12 due to 200MB being too small and la… #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
ffa8f7d
fix: test fail on venv python3.12 due to 200MB being too small and la…
eformat May 6, 2026
b331556
update: python3.12 fixes
eformat May 7, 2026
33b3e4a
update: python3.12 fixes - add new test_default_rlimit_fires_before_c…
eformat May 7, 2026
a5c7f0b
Merge remote-tracking branch 'upstream/main' into fix-tests-python-312
eformat May 14, 2026
6a424ec
remove: redundant test
eformat May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion chart/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ resources:
memory: 128Mi
limits:
cpu: 500m
memory: 256Mi
memory: 704Mi

seccomp:
enabled: false
Expand Down
4 changes: 2 additions & 2 deletions docs/informed-attacker-runner.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@ Landlock will block TCP connections, and UDP traffic will be dropped by NetworkP
- Non-root user (uid 1001)
- All Linux capabilities dropped
- `/tmp` volume: 10Mi limit
- Memory: 200MB RLIMIT_AS (minimal profile), 800MB (data-science profile)
- Memory: 512MB RLIMIT_AS (minimal profile), 800MB (data-science profile)

### Layer 6 — NetworkPolicy

Expand Down Expand Up @@ -385,7 +385,7 @@ These are hard limits — do not violate them:
- No fork bombs or processes that spawn unboundedly
- Do not write more than 9MB to `/tmp` (limit is 10Mi; leave headroom)
- Do not submit code with a timeout greater than 25 seconds
- Do not attempt denial-of-service (memory exhaustion is capped at 200MB by RLIMIT_AS)
- Do not attempt denial-of-service (memory exhaustion is capped at 512MB by RLIMIT_AS)

---

Expand Down
4 changes: 2 additions & 2 deletions sandbox/executor.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -355,7 +355,7 @@ async def execute_code(
timeout: float = 10.0,
*,
runtime_restrict: bool = True,
memory_limit_mb: int = 200,
memory_limit_mb: int = 512,
preimport: list[str] | None = None,
allowed_imports: frozenset[str] | None = None,
subprocess_landlock: bool = True,
Expand All @@ -370,7 +370,7 @@ async def execute_code(
that blocks imports of modules not in *allowed_imports*.
Defense-in-depth against AST bypasses.
memory_limit_mb: RLIMIT_AS limit in megabytes applied inside the
subprocess. Set to 0 to disable. Defaults to 200 MB.
subprocess. Set to 0 to disable. Defaults to 512 MB.
allowed_imports: Frozenset of top-level module names the user code
may import at runtime. Defaults to the minimal profile's
allowlist when ``None``.
Expand Down
2 changes: 1 addition & 1 deletion sandbox/profiles.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ class ProfileResources(BaseModel):
memory: str = "256Mi"
cpu: str = "500m"
timeout_max: float = 30.0
subprocess_memory_mb: int = 200
subprocess_memory_mb: int = 512


class ScanStages(BaseModel):
Expand Down
3 changes: 3 additions & 0 deletions tests/conftest.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
import os

os.environ.setdefault("SANDBOX_SKIP_LANDLOCK", "1")
30 changes: 10 additions & 20 deletions tests/test_escape_vectors.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -731,26 +731,6 @@ class TestResourceExhaustion:
These verify that the sandbox enforces memory and disk limits.
"""

@pytest.mark.escape_vector
@pytest.mark.asyncio
@pytest.mark.skipif(
sys.platform != "linux",
reason="RLIMIT_AS enforcement is Linux-specific",
)
async def test_memory_exhaustion(self):
"""Attempt to allocate 200MB in a memory-limited sandbox."""
code = textwrap.dedent("""\
x = bytearray(200 * 1024 * 1024)
print('ALLOCATED:', len(x))
""")
# This payload uses no blocked calls -- it is pure Python.
# The guardrail won't catch it; the OS/container limits must.
result = await execute_code(code, timeout=5.0)
assert "ALLOCATED:" not in result.stdout or result.exit_code != 0, (
f"RESOURCE EXHAUSTION: 200MB allocation succeeded: "
f"stdout={result.stdout!r}"
)

@pytest.mark.escape_vector
@pytest.mark.asyncio
async def test_tmp_fill_exhaustion(self):
Expand Down Expand Up @@ -1110,6 +1090,16 @@ async def test_large_allocation_killed_by_rlimit(self):
f"200MB allocation should fail under 200MB RLIMIT_AS: {result.stdout}"
)

@pytest.mark.escape_vector
@pytest.mark.asyncio
@pytest.mark.skipif(sys.platform != "linux", reason="RLIMIT_AS is Linux-specific")
async def test_default_rlimit_fires_before_cgroup(self):
"""Allocation above the 512MB default RLIMIT_AS returns MemoryError, not a crash."""
code = "x = bytearray(600 * 1024 * 1024)\nprint('ALLOCATED')\n"
result = await execute_code(code, timeout=5.0)
assert "ALLOCATED" not in result.stdout
assert "MemoryError" in result.stderr


# ---------------------------------------------------------------------------
# Section 8: Pre-Import Attack Surface Tests
Expand Down