[tor-commits] [tor/master] fixed memory leak, added array filter support

13 Sep 2013

commit 44a4464cf6d4dac88c46b8ffdb6ad002d03ade62
Author: Cristian Toader cristian.matei.toader@gmail.com
Date:   Sat Aug 10 18:04:48 2013 +0300
fixed memory leak, added array filter support
---
 src/common/sandbox.c |   81 +++++++++++++++++++++++++++++++++++++-
 src/common/sandbox.h |   13 ++++++-
 src/or/main.c        |  106 ++++++++++++++++++++------------------------------
 3 files changed, 132 insertions(+), 68 deletions(-)

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 2ba1432..f2ead21 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -37,6 +37,7 @@
 #include <linux/futex.h>
 #include <bits/signum.h>
+#include <stdarg.h>
 #include <seccomp.h>
 #include <signal.h>
 #include <unistd.h>
@@ -616,7 +617,7 @@ prot_strdup(char* str)
 }
int
-sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file)
+sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file, char fr)
 {
   sandbox_cfg_t *elem = NULL;
@@ -630,11 +631,37 @@ sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file)
   elem->next = *cfg;
   *cfg = elem;
+  if (fr) tor_free_(file);
+
+  return 0;
+}
+
+int
+sandbox_cfg_allow_open_filename_array(sandbox_cfg_t **cfg, int num, ...)
+{
+  int rc = 0, i;
+
+  va_list ap;
+  va_start(ap, num);
+
+  for (i = 0; i < num; i++) {
+    char *fn = va_arg(ap, char*);
+    char fr = (char) va_arg(ap, int);
+
+    rc = sandbox_cfg_allow_open_filename(cfg, fn, fr);
+    if(rc) {
+      log_err(LD_BUG,"(Sandbox) failed on par %d", i);
+      goto end;
+    }
+  }
+
+ end:
+  va_end(ap);
   return 0;
 }
int
-sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file)
+sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file, char fr)
 {
   sandbox_cfg_t *elem = NULL;
@@ -648,6 +675,32 @@ sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file)
   elem->next = *cfg;
   *cfg = elem;
+  if (fr) tor_free_(file);
+
+  return 0;
+}
+
+int
+sandbox_cfg_allow_openat_filename_array(sandbox_cfg_t **cfg, int num, ...)
+{
+  int rc = 0, i;
+
+  va_list ap;
+  va_start(ap, num);
+
+  for (i = 0; i < num; i++) {
+    char *fn = va_arg(ap, char*);
+    char fr = (char) va_arg(ap, int);
+
+    rc = sandbox_cfg_allow_openat_filename(cfg, fn, fr);
+    if(rc) {
+      log_err(LD_BUG,"(Sandbox) failed on par %d", i);
+      goto end;
+    }
+  }
+
+ end:
+  va_end(ap);
   return 0;
 }
@@ -669,6 +722,30 @@ sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, char *com)
   return 0;
 }
+int
+sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, int num, ...)
+{
+  int rc = 0, i;
+
+  va_list ap;
+  va_start(ap, num);
+
+  for (i = 0; i < num; i++) {
+    char *fn = va_arg(ap, char*);
+
+    rc = sandbox_cfg_allow_execve(cfg, fn);
+
+    if(rc) {
+      log_err(LD_BUG,"(Sandbox) failed on par %d", i);
+      goto end;
+    }
+  }
+
+ end:
+  va_end(ap);
+  return 0;
+}
+
 static int
 add_param_filter(scmp_filter_ctx ctx, sandbox_cfg_t* cfg)
 {
diff --git a/src/common/sandbox.h b/src/common/sandbox.h
index 2b26544..33668d9 100644
--- a/src/common/sandbox.h
+++ b/src/common/sandbox.h
@@ -98,9 +98,18 @@ int tor_global_sandbox(void);
 const char* sandbox_intern_string(const char *param);
sandbox_cfg_t * sandbox_cfg_new();
-int sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file);
-int sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file);
+
+int sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file,
+    char fr);
+int sandbox_cfg_allow_open_filename_array(sandbox_cfg_t **cfg, int num, ...);
+
+int sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file,
+    char fr);
+int sandbox_cfg_allow_openat_filename_array(sandbox_cfg_t **cfg, int num, ...);
+
 int sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, char *com);
+int sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, int num, ...);
+
 int sandbox_init(sandbox_cfg_t* cfg);
#endif /* SANDBOX_H_ */
diff --git a/src/or/main.c b/src/or/main.c
index 36acde4..c236e83 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2644,73 +2644,51 @@ sandbox_init_filter()
 {
   sandbox_cfg_t *cfg = sandbox_cfg_new();
-  // TODO: mem leak
-  sandbox_cfg_allow_openat_filename(&cfg, get_datadir_fname("cached-status"));
-
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-certs"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-certs.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-consensus"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("unverified-consensus"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-microdesc-consensus"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-microdesc-consensus.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-microdescs"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-microdescs.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-microdescs.new"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-microdescs.new.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("unverified-microdesc-consensus"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-descriptors"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-descriptors.new"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-descriptors.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-descriptors.new.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("cached-descriptors.tmp.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-extrainfo"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("state.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg,
-      get_datadir_fname("unparseable-desc.tmp"));
-  sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("unparseable-desc"));
+  sandbox_cfg_allow_openat_filename(&cfg,
+      get_datadir_fname("cached-status"), 1);
+
+  sandbox_cfg_allow_open_filename_array(&cfg, 22,
+      get_datadir_fname("cached-certs"), 1,
+      get_datadir_fname("cached-certs.tmp"), 1,
+      get_datadir_fname("cached-consensus"), 1,
+      get_datadir_fname("unverified-consensus"), 1,
+      get_datadir_fname("cached-microdesc-consensus"), 1,
+      get_datadir_fname("cached-microdesc-consensus.tmp"), 1,
+      get_datadir_fname("cached-microdescs"), 1,
+      get_datadir_fname("cached-microdescs.tmp"), 1,
+      get_datadir_fname("cached-microdescs.new"), 1,
+      get_datadir_fname("cached-microdescs.new.tmp"), 1,
+      get_datadir_fname("unverified-microdesc-consensus"), 1,
+      get_datadir_fname("cached-descriptors"), 1,
+      get_datadir_fname("cached-descriptors.new"), 1,
+      get_datadir_fname("cached-descriptors.tmp"), 1,
+      get_datadir_fname("cached-descriptors.new.tmp"), 1,
+      get_datadir_fname("cached-descriptors.tmp.tmp"), 1,
+      get_datadir_fname("cached-extrainfo"), 1,
+      get_datadir_fname("state.tmp"), 1,
+      get_datadir_fname("unparseable-desc.tmp"), 1,
+      get_datadir_fname("unparseable-desc"), 1,
+      "/dev/srandom", 0,
+      "/dev/urandom", 0
+  );
// orport
   if (server_mode(get_options())) {
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_id_key"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key_ntor"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key_ntor.tmp"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_id_key.old"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key.old"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key_ntor.old"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname2("keys", "secret_onion_key.tmp"));
-
-    sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("fingerprint"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname("cached-consensus.tmp"));
-    sandbox_cfg_allow_open_filename(&cfg,
-        get_datadir_fname("cached-consensus"));
-
-    sandbox_cfg_allow_open_filename(&cfg, "/etc/resolv.conf");
-    sandbox_cfg_allow_open_filename(&cfg, "/dev/srandom");
-    sandbox_cfg_allow_open_filename(&cfg, "/dev/urandom");
-    sandbox_cfg_allow_open_filename(&cfg, "/dev/random");
-
+    sandbox_cfg_allow_open_filename_array(&cfg, 13,
+        get_datadir_fname2("keys", "secret_id_key"), 1,
+        get_datadir_fname2("keys", "secret_onion_key"), 1,
+        get_datadir_fname2("keys", "secret_onion_key_ntor"), 1,
+        get_datadir_fname2("keys", "secret_onion_key_ntor.tmp"), 1,
+        get_datadir_fname2("keys", "secret_id_key.old"), 1,
+        get_datadir_fname2("keys", "secret_onion_key.old"), 1,
+        get_datadir_fname2("keys", "secret_onion_key_ntor.old"), 1,
+        get_datadir_fname2("keys", "secret_onion_key.tmp"), 1,
+        get_datadir_fname("fingerprint"), 1,
+        get_datadir_fname("cached-consensus"), 1,
+        get_datadir_fname("cached-consensus.tmp"), 1,
+        "/etc/resolv.conf", 0,
+        "/dev/random", 0
+    );
   }
sandbox_cfg_allow_execve(&cfg, "/usr/local/bin/tor");

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[tor-commits] [tor/master] fixed memory leak, added array filter support