diff options
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/compat.c | 22 | ||||
-rw-r--r-- | src/common/timers.c | 2 | ||||
-rw-r--r-- | src/common/util.c | 25 |
3 files changed, 24 insertions, 25 deletions
diff --git a/src/common/compat.c b/src/common/compat.c index 836b3813e0..68938ae91f 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -2235,35 +2235,33 @@ switch_id(const char *user, const unsigned flags) int tor_disable_debugger_attach(void) { - int r, attempted; - r = -1; - attempted = 0; + int r = -1; log_debug(LD_CONFIG, "Attemping to disable debugger attachment to Tor for " "unprivileged users."); #if defined(__linux__) && defined(HAVE_SYS_PRCTL_H) && defined(HAVE_PRCTL) #ifdef PR_SET_DUMPABLE - attempted = 1; +#define TRIED_TO_DISABLE r = prctl(PR_SET_DUMPABLE, 0); #endif -#endif -#if defined(__APPLE__) && defined(PT_DENY_ATTACH) - if (r < 0) { - attempted = 1; - r = ptrace(PT_DENY_ATTACH, 0, 0, 0); - } +#elif defined(__APPLE__) && defined(PT_DENY_ATTACH) +#define TRIED_TO_DISABLE + r = ptrace(PT_DENY_ATTACH, 0, 0, 0); #endif // XXX: TODO - Mac OS X has dtrace and this may be disabled. // XXX: TODO - Windows probably has something similar - if (r == 0 && attempted) { +#ifdef TRIED_TO_DISABLE + if (r == 0) { log_debug(LD_CONFIG,"Debugger attachment disabled for " "unprivileged users."); return 1; - } else if (attempted) { + } else { log_warn(LD_CONFIG, "Unable to disable debugger attaching: %s", strerror(errno)); } +#endif +#undef TRIED_TO_DISABLE return r; } diff --git a/src/common/timers.c b/src/common/timers.c index c43c49c083..42d368baab 100644 --- a/src/common/timers.c +++ b/src/common/timers.c @@ -191,7 +191,7 @@ timers_initialize(void) if (BUG(global_timeouts)) return; // LCOV_EXCL_LINE - timeout_error_t err; + timeout_error_t err = 0; global_timeouts = timeouts_open(0, &err); if (!global_timeouts) { // LCOV_EXCL_START -- this can only fail on malloc failure. diff --git a/src/common/util.c b/src/common/util.c index 6e08979ff1..c8358ea705 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -3610,7 +3610,7 @@ start_daemon(void) } else { /* Child */ close(daemon_filedes[0]); /* we only write */ - pid = setsid(); /* Detach from controlling terminal */ + (void) setsid(); /* Detach from controlling terminal */ /* * Fork one more time, so the parent (the session group leader) can exit. * This means that we, as a non-session group leader, can never regain a @@ -4308,7 +4308,6 @@ tor_spawn_background(const char *const filename, const char **argv, int stderr_pipe[2]; int stdin_pipe[2]; int fd, retval; - ssize_t nbytes; process_handle_t *process_handle; int status; @@ -4329,7 +4328,7 @@ tor_spawn_background(const char *const filename, const char **argv, and we are not allowed to use unsafe functions between fork and exec */ error_message_length = strlen(error_message); - child_state = CHILD_STATE_PIPE; + // child_state = CHILD_STATE_PIPE; /* Set up pipe for redirecting stdout, stderr, and stdin of child */ retval = pipe(stdout_pipe); @@ -4366,7 +4365,7 @@ tor_spawn_background(const char *const filename, const char **argv, return status; } - child_state = CHILD_STATE_MAXFD; + // child_state = CHILD_STATE_MAXFD; #ifdef _SC_OPEN_MAX if (-1 == max_fd) { @@ -4381,7 +4380,7 @@ tor_spawn_background(const char *const filename, const char **argv, max_fd = DEFAULT_MAX_FD; #endif - child_state = CHILD_STATE_FORK; + // child_state = CHILD_STATE_FORK; pid = fork(); if (0 == pid) { @@ -4417,7 +4416,7 @@ tor_spawn_background(const char *const filename, const char **argv, if (-1 == retval) goto error; - child_state = CHILD_STATE_CLOSEFD; + // child_state = CHILD_STATE_CLOSEFD; close(stderr_pipe[0]); close(stderr_pipe[1]); @@ -4433,7 +4432,7 @@ tor_spawn_background(const char *const filename, const char **argv, close(fd); } - child_state = CHILD_STATE_EXEC; + // child_state = CHILD_STATE_EXEC; /* Call the requested program. We need the cast because execvp doesn't define argv as const, even though it @@ -4452,7 +4451,8 @@ tor_spawn_background(const char *const filename, const char **argv, error: { /* XXX: are we leaking fds from the pipe? */ - int n; + int n, err=0; + ssize_t nbytes; n = format_helper_exit_status(child_state, errno, hex_errno); @@ -4461,13 +4461,14 @@ tor_spawn_background(const char *const filename, const char **argv, value, but there is nothing we can do if it fails */ /* TODO: Don't use STDOUT, use a pipe set up just for this purpose */ nbytes = write(STDOUT_FILENO, error_message, error_message_length); + err = (nbytes < 0); nbytes = write(STDOUT_FILENO, hex_errno, n); + err += (nbytes < 0); } - } - (void) nbytes; + _exit(err?254:255); + } - _exit(255); /* Never reached, but avoids compiler warning */ return status; // LCOV_EXCL_LINE } @@ -4534,7 +4535,7 @@ tor_spawn_background(const char *const filename, const char **argv, } *process_handle_out = process_handle; - return process_handle->status; + return status; #endif // _WIN32 } |