[tor-bugs] #22794 [Applications/Tor Browser Sandbox]: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jul 2 14:33:02 UTC 2017
#22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured.
----------------------------------------------+-------------------------
Reporter: yawning | Owner: yawning
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, tbb-sandboxing | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by yawning):
A minimal/self contained LD_PRELOAD that can reproduce the behavior:
{{{
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
#include <stdio.h>
#define _GNU_SOURCE
#include <unistd.h>
#include <syscall.h>
int socket(int domain, int type, int protocol) {
fprintf(stderr, "stub: socket(%d, 0x%08x, %d)\n", domain, type,
protocol);
if (domain != AF_LOCAL) {
fprintf(stderr, "stub: domain is not AF_LOCAL, rejecting\n");
errno = EAFNOSUPPORT;
return -1;
}
return syscall(SYS_socket, domain, type, protocol);
}
}}}
And commenting out the rejection (as in always calling `syscall()`,
regardless of the domain), magically makes things start to work.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22794#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list