[tor-commits] [tor/master] Do not try to add non-existent syscalls.

[nickm at torproject.org]

commit e9ec0cb5506b81f7f7c54e06a95dafac4acb38e3
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Sep 9 15:37:45 2013 -0400

    Do not try to add non-existent syscalls.
---
 src/common/sandbox.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index c6c9348..a5bc892 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1187,10 +1187,12 @@ add_noparam_filter(scmp_filter_ctx ctx)
 
   // add general filters
   for (i = 0; i < ARRAY_LENGTH(filter_nopar_gen); i++) {
+    if (filter_nopar_gen[i] < 0)
+      continue;
     rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, filter_nopar_gen[i], 0);
     if (rc != 0) {
-      log_err(LD_BUG,"(Sandbox) failed to add syscall index %d, "
-          "received libseccomp error %d", i, rc);
+      log_err(LD_BUG,"(Sandbox) failed to add syscall index %d (NR=%d), "
+          "received libseccomp error %d", i, filter_nopar_gen[i], rc);
       return rc;
     }
   }