[tor-commits] [torsocks/master] Fix: switch back to a syscall whitelist scheme
dgoulet at torproject.org
dgoulet at torproject.org
Mon Jan 19 17:23:49 UTC 2015
commit a9ed7e3bb4c081f4cf39ece91027f1c9b6f099f2
Author: David Goulet <dgoulet at ev0ke.net>
Date: Mon Jan 19 11:59:41 2015 -0500
Fix: switch back to a syscall whitelist scheme
syscall() can't take a va_list so we can't forward every non dangerous
syscall using the libc syscall() thus having to deny non supported ones.
It's a bit sad but I have no other solution for that. Please let me know
if anyone comes up with one! :)
Signed-off-by: David Goulet <dgoulet at ev0ke.net>
---
src/lib/syscall.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/lib/syscall.c b/src/lib/syscall.c
index 96016bb..ec10000 100644
--- a/src/lib/syscall.c
+++ b/src/lib/syscall.c
@@ -229,8 +229,14 @@ LIBC_SYSCALL_RET_TYPE tsocks_syscall(long int number, va_list args)
ret = handle_recvmsg(args);
break;
default:
- /* Safe to call the libc syscall function. */
- ret = tsocks_libc_syscall(number, args);
+ /*
+ * Because of the design of syscall(), we can't pass a va_list to it so
+ * we are constraint to use a whitelist scheme and denying the rest.
+ */
+ WARN("[syscall] Unsupported syscall number %ld. Denying the call",
+ number);
+ ret = -1;
+ errno = ENOSYS;
break;
}
@@ -297,8 +303,8 @@ LIBC___SYSCALL_RET_TYPE tsocks___syscall(quad_t number, va_list args)
break;
default:
/*
- * Deny call since we have no idea if this call can leak or not data
- * off the Tor network.
+ * Because of the design of syscall(), we can't pass a va_list to it so
+ * we are constraint to use a whitelist scheme and denying the rest.
*/
WARN("[syscall] Unsupported __syscall number %ld. Denying the call",
number);
More information about the tor-commits
mailing list