From 6af8b8859fde3a2b63afee20f004e184896cec3a Mon Sep 17 00:00:00 2001
From: Ophestra
Date: Thu, 13 Mar 2025 00:41:37 +0900
Subject: [PATCH] sandbox: read overflow ids
Signed-off-by: Ophestra
---
internal/sandbox/overflow.go | 37 ++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 internal/sandbox/overflow.go
diff --git a/internal/sandbox/overflow.go b/internal/sandbox/overflow.go
new file mode 100644
index 0000000..ebaad70
--- /dev/null
+++ b/internal/sandbox/overflow.go
@@ -0,0 +1,37 @@
+package sandbox
+
+import (
+ "bytes"
+ "log"
+ "os"
+ "strconv"
+ "sync"
+)
+
+var (
+ ofUid int
+ ofGid int
+ ofOnce sync.Once
+)
+
+const (
+ ofUidPath = "/proc/sys/kernel/overflowuid"
+ ofGidPath = "/proc/sys/kernel/overflowgid"
+)
+
+func mustReadOverflow() {
+ if v, err := os.ReadFile(ofUidPath); err != nil {
+ log.Fatalf("cannot read %q: %v", ofUidPath, err)
+ } else if ofUid, err = strconv.Atoi(string(bytes.TrimSpace(v))); err != nil {
+ log.Fatalf("cannot interpret %q: %v", ofUidPath, err)
+ }
+
+ if v, err := os.ReadFile(ofGidPath); err != nil {
+ log.Fatalf("cannot read %q: %v", ofGidPath, err)
+ } else if ofGid, err = strconv.Atoi(string(bytes.TrimSpace(v))); err != nil {
+ log.Fatalf("cannot interpret %q: %v", ofGidPath, err)
+ }
+}
+
+func OverflowUid() int { ofOnce.Do(mustReadOverflow); return ofUid }
+func OverflowGid() int { ofOnce.Do(mustReadOverflow); return ofGid }
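Review bot: The exported getters `OverflowUid` and `OverflowGid` carry no doc comment, yet their first call reads `/proc` lazily through `ofOnce` and ends the process with `log.Fatalf` on any read or parse failure. Callers in a sandbox package need to know this, since the first call may happen (presumably) after `/proc` is no longer reachable, and `log.Fatalf` skips deferred cleanup. I would state the contract on each getter, e.g. `// OverflowUid returns the kernel overflow uid from /proc/sys/kernel/overflowuid; the first call reads the file and exits the process via log.Fatalf if it cannot be read or parsed.` Separately, `strconv.Atoi` in `mustReadOverflow` accepts negative values, so a guard such as `if ofUid < 0 { log.Fatalf("invalid overflow uid %d", ofUid) }` (and the same for `ofGid`) would keep an unexpected value from being used as an id.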