diff options
author | Andrea Shepard <andrea@torproject.org> | 2016-06-29 22:47:41 +0000 |
---|---|---|
committer | Andrea Shepard <andrea@torproject.org> | 2016-06-30 07:03:25 +0000 |
commit | dc37546cff2f025613ef142e74ad4db1c7d99ade (patch) | |
tree | 9e062728701e6bf27a8148bfcd16bf59422d77c7 /src | |
parent | 603f483092778786e29944acf71a608bfa21650b (diff) | |
download | tor-dc37546cff2f025613ef142e74ad4db1c7d99ade.tar.gz tor-dc37546cff2f025613ef142e74ad4db1c7d99ade.zip |
Add sandbox_is_active() check to dump_desc()
Diffstat (limited to 'src')
-rw-r--r-- | src/or/routerparse.c | 55 |
1 files changed, 35 insertions, 20 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index afdfcbd403..93b90cc28d 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -28,6 +28,7 @@ #include "routerparse.h" #include "entrynodes.h" #include "torcert.h" +#include "sandbox.h" #undef log #include <math.h> @@ -768,35 +769,49 @@ dump_desc(const char *desc, const char *type) tor_asprintf(&debugfile_base, "unparseable-desc.%s", digest_sha256_hex); debugfile = get_datadir_fname(debugfile_base); - if (len <= get_options()->MaxUnparseableDescSizeToLog) { - if (!dump_desc_fifo_bump_hash(digest_sha256)) { - /* Write it, and tell the main log about it */ - write_str_to_file(debugfile, desc, 1); - log_info(LD_DIR, - "Unable to parse descriptor of type %s with hash %s and " - "length %lu. See file %s in data directory for details.", - type, digest_sha256_hex, (unsigned long)len, debugfile_base); - - dump_desc_fifo_add_and_clean(debugfile, digest_sha256, len); - /* Since we handed ownership over, don't free debugfile later */ - debugfile = NULL; + if (!sandbox_is_active()) { + if (len <= get_options()->MaxUnparseableDescSizeToLog) { + if (!dump_desc_fifo_bump_hash(digest_sha256)) { + /* Write it, and tell the main log about it */ + write_str_to_file(debugfile, desc, 1); + log_info(LD_DIR, + "Unable to parse descriptor of type %s with hash %s and " + "length %lu. See file %s in data directory for details.", + type, digest_sha256_hex, (unsigned long)len, + debugfile_base); + dump_desc_fifo_add_and_clean(debugfile, digest_sha256, len); + /* Since we handed ownership over, don't free debugfile later */ + debugfile = NULL; + } else { + /* We already had one with this hash dumped */ + log_info(LD_DIR, + "Unable to parse descriptor of type %s with hash %s and " + "length %lu. Descriptor not dumped because one with that " + "hash has already been dumped.", + type, digest_sha256_hex, (unsigned long)len); + /* We do have to free debugfile in this case */ + } } else { - /* We already had one with this hash dumped */ + /* Just log that it happened without dumping */ log_info(LD_DIR, "Unable to parse descriptor of type %s with hash %s and " - "length %lu. Descriptor not dumped because one with that hash " - "has already been dumped.", + "length %lu. Descriptor not dumped because it exceeds maximum" + " log size all by itself.", type, digest_sha256_hex, (unsigned long)len); /* We do have to free debugfile in this case */ } } else { - /* Just log that it happened without dumping */ + /* + * Not logging because the sandbox is active and seccomp2 apparently + * doesn't have a sensible way to allow filenames according to a pattern + * match. (If we ever figure out how to say "allow writes to /regex/", + * remove this checK). + */ log_info(LD_DIR, - "Unable to parse descriptor of type %s with hash %s and length " - "%lu. Descriptor not dumped because it exceeds maximum log size " - "all by itself.", + "Unable to parse descriptor of type %s with hash %s and " + "length %lu. Descriptor not dumped because the sandbox is " + "active", type, digest_sha256_hex, (unsigned long)len); - /* We do have to free debugfile in this case */ } tor_free(debugfile_base); |