#29150 closed defect (fixed)

(Sandbox) Caught a bad syscall attempt (syscall getsockopt)

Reported by: pege Owned by:
Priority: Medium Milestone: Tor: 0.4.0.x-final
Component: Core Tor/Tor Version: Tor: 0.4.0.1-alpha
Severity: Normal Keywords: regression
Cc: Actual Points:
Parent ID: Points:
Reviewer: nickm Sponsor:

Description

Starting with the most recent alpha update, 0.4.0.1-alph, Tor crashes when Sandbox is set to 1.

Jan 22 20:45:03 kenzie tor[4103]: ============================================================ T= 1548186303
Jan 22 20:45:03 kenzie tor[4103]: (Sandbox) Caught a bad syscall attempt (syscall getsockopt)
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(+0x1e5d2a)[0x556795d78d2a]
Jan 22 20:45:03 kenzie tor[4103]: /lib/x86_64-linux-gnu/libc.so.6(getsockopt+0xa)[0x7f9252a3189a]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(+0x67d43)[0x556795bfad43]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(+0x68551)[0x556795bfb551]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(retry_all_listeners+0x310)[0x556795bfb970]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(+0x6c99b)[0x556795bff99b]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(+0x71e33)[0x556795c04e33]
Jan 22 20:45:03 kenzie tor[4103]: /usr/lib/x86_64-linux-gnu/libevent-2.0.so.5(event_base_loop+0x6a0)[0x7f92541135a
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(do_main_loop+0xbd)[0x556795c044ad]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(tor_run_main+0x11e5)[0x556795bf17e5]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(tor_main+0x3a)[0x556795bee96a]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(main+0x19)[0x556795bee4e9]
Jan 22 20:45:03 kenzie tor[4103]: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f92529682e1]
Jan 22 20:45:03 kenzie tor[4103]: /usr/bin/tor(_start+0x2a)[0x556795bee53a]

This is a fresh Debian install:

# lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 9.6 (stretch)
Release:	9.6
Codename:	stretch

Child Tickets

Change History (6)

comment:1 Changed 11 months ago by pege

I did some digging and it turns out the issue is in src/core/mainloop/connection.c:1469 added as part of 9369152aae9527cc3764cac8688f258b11bd503d.

comment:2 Changed 11 months ago by pege

Checking if a socket is listening seem a reasonable thing to do. So, I wrote a patch that allows that system call that's failing:

https://gitlab.com/pgerber/tor/tree/seccomp-getsockopt

comment:3 Changed 11 months ago by arma

Keywords: regression added
Milestone: Tor: 0.4.0.x-final
Status: newneeds_review

comment:4 Changed 10 months ago by nickm

Status: needs_reviewmerge_ready

This looks good to me. I've made a PR at https://github.com/torproject/tor/pull/690 so that the CI tests can run on it.

comment:5 Changed 10 months ago by nickm

Reviewer: nickm

comment:6 Changed 10 months ago by dgoulet

Resolution: fixed
Status: merge_readyclosed

Merged!

Note: See TracTickets for help on using tickets.