tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit c320c52e89d0d950f0316d2c2f070f7adca66c80
parent 95e5f8fe03e437f75a6b9af42b0e888f1b8b75ac
Author: David Goulet <dgoulet@torproject.org>
Date:   Tue, 12 Feb 2019 13:04:25 -0500

Merge branch 'tor-github/pr/690'

Diffstat:

Achanges/bug29150 | 3+++


Msrc/lib/sandbox/sandbox.c | 6++++++


2 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/changes/bug29150 b/changes/bug29150
@@ -0,0 +1,3 @@
+  o Minor bugfixes (linux seccomp sandbox):
+    - Fix startup crash when experimental sandbox support is enabled.
+      Fixes bug 29150; bugfix on 0.4.0.1-alpha. Patch by Peter Gerber.
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c
@@ -832,6 +832,12 @@ sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
   if (rc)
     return rc;
 
+  rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt),
+      SCMP_CMP(1, SCMP_CMP_EQ, SOL_SOCKET),
+      SCMP_CMP(2, SCMP_CMP_EQ, SO_ACCEPTCONN));
+  if (rc)
+    return rc;
+
 #ifdef HAVE_SYSTEMD
   rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt),
       SCMP_CMP(1, SCMP_CMP_EQ, SOL_SOCKET),