Fix sandbox protection for rename
(We were only checking the first parameter of each rename call.)
parent
739a52592b
commit
12028c29e6
@ -377,13 +377,10 @@ sb_rename(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
|
||||
if (param != NULL && param->prot == 1 &&
|
||||
param->syscall == SCMP_SYS(rename)) {
|
||||
|
||||
intptr_t value2 = (intptr_t)(void*)sandbox_intern_string(
|
||||
(char*)param->value2);
|
||||
|
||||
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
|
||||
SCMP_SYS(rename), 1,
|
||||
SCMP_SYS(rename), 2,
|
||||
SCMP_CMP(0, SCMP_CMP_EQ, param->value),
|
||||
SCMP_CMP(1, SCMP_CMP_EQ, value2));
|
||||
SCMP_CMP(1, SCMP_CMP_EQ, param->value2));
|
||||
if (rc != 0) {
|
||||
log_err(LD_BUG,"(Sandbox) failed to add rename syscall, received "
|
||||
"libseccomp error %d", rc);
|
||||
@ -1152,15 +1149,6 @@ sandbox_cfg_allow_rename(sandbox_cfg_t **cfg, char *file1, char *file2)
|
||||
elem->next = *cfg;
|
||||
*cfg = elem;
|
||||
|
||||
/* For interning */
|
||||
elem = new_element(-1, (intptr_t)(void*)tor_strdup(file2));
|
||||
if (!elem) {
|
||||
log_err(LD_BUG,"(Sandbox) failed to register parameter!");
|
||||
return -1;
|
||||
}
|
||||
elem->next = *cfg;
|
||||
*cfg = elem;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
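Review bot: In sb_rename the second comparator now matches argument 1 against `param->value2` as a raw address, and this commit drops both the `sandbox_intern_string()` call there and the "For interning" element in sandbox_cfg_allow_rename, so the rule is only sound if value2 already holds the interned, protected pointer when the filter is built. Nothing in the visible hunks establishes that (the `param->prot == 1` test is per element, and both function bodies extend beyond the hunks), so it is worth confirming where value2 gets interned and recording it at the call, e.g. `/* value and value2 are compared by address: both must already be interned strings */`. The original defect was a hand-written count (`1`) that disagreed with the two `SCMP_CMP` arguments passed to the variadic `seccomp_rule_add()`, so the other rule sites in this file that use a literal count deserve the same check. A regression test asserting that a rename with an allowed source but a non-allowed destination is refused would pin the fix.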