Introduce arg-counting macros to wrap seccomp_rule_add() - tor - Transit encryption and privacy out of the box

diff options

author	Nick Mathewson <nickm@torproject.org>	2014-04-16 12:59:33 -0400
committer	Nick Mathewson <nickm@torproject.org>	2014-04-16 22:03:09 -0400
commit	8dc6755f6d65d7ff847bd5e8cf681e6de7fabbc5 (patch)
tree	eed5e8d60a86ff4f7c679c44ddd1286afe7fd300 /src/or/dns.c
parent	12028c29e6ee8d0d9c02b32f1a52a35138e148e3 (diff)
download	tor-8dc6755f6d65d7ff847bd5e8cf681e6de7fabbc5.tar.gz tor-8dc6755f6d65d7ff847bd5e8cf681e6de7fabbc5.zip

Introduce arg-counting macros to wrap seccomp_rule_add()

The compiler doesn't warn about this code: rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 1, SCMP_CMP(0, SCMP_CMP_EQ, AT_FDCWD), SCMP_CMP(1, SCMP_CMP_EQ, param->value), SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|...)); but note that the arg_cnt argument above is only 1. This means that only the first filter (argument 0 == AT_FDCWD) is actually checked! This patch also fixes the above error in the openat() filter. Earlier I fixed corresponding errors in filters for rename() and mprotect().

Diffstat (limited to 'src/or/dns.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: