refactor: format code.

Author: liqiang-fit2cloud

installer/sandbox.c

@@ -23,11 +23,7 @@
 #define CONFIG_FILE ".sandbox.conf"
 #define KEY_BANNED_HOSTS "SANDBOX_PYTHON_BANNED_HOSTS"
 #define KEY_ALLOW_SUBPROCESS "SANDBOX_PYTHON_ALLOW_SUBPROCESS"
-#define RESOLVE_REAL(func)                      \
-    static typeof(func) *real_##func = NULL;    \
-    if (!real_##func) {                         \
-        real_##func = dlsym(RTLD_NEXT, #func);  \
-    }
+
 static char *banned_hosts = NULL;
 static int allow_subprocess = 0; // 默认禁止
 
@@ -120,7 +116,8 @@ static int match_env_patterns(const char *target, const char *env_val) {
 /** 拦截 connect() —— 精确匹配 IP */
 int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
     static int (*real_connect)(int, const struct sockaddr *, socklen_t) = NULL;
-    RESOLVE_REAL(connect);
+    if (!real_connect)
+        real_connect = dlsym(RTLD_NEXT, "connect");
     ensure_config_loaded();
     char ip[INET6_ADDRSTRLEN] = {0};
     if (addr->sa_family == AF_INET)
@@ -140,7 +137,8 @@ int getaddrinfo(const char *node, const char *service,
                 const struct addrinfo *hints, struct addrinfo **res) {
     static int (*real_getaddrinfo)(const char *, const char *,
                                    const struct addrinfo *, struct addrinfo **) = NULL;
-    RESOLVE_REAL(getaddrinfo);
+    if (!real_getaddrinfo)
+        real_getaddrinfo = dlsym(RTLD_NEXT, "getaddrinfo");
     ensure_config_loaded();
     if (banned_hosts && *banned_hosts && node) {
         // 检测 node 是否是 IP
@@ -166,6 +164,11 @@ static int deny() {
     _exit(1);
     return -1;
 }
+#define RESOLVE_REAL(func)                      \
+    static typeof(func) *real_##func = NULL;    \
+    if (!real_##func) {                         \
+        real_##func = dlsym(RTLD_NEXT, #func);  \
+    }
 int execve(const char *filename, char *const argv[], char *const envp[]) {
     RESOLVE_REAL(execve);
     if (!allow_create_subprocess()) return deny();