packages/firefox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
firefox/Bug-1660901-Support-the-fstat-like-subset-of-fstatat-in-the-Linux-sandbox-policies.patch
lingsheng b2c7ec42b8 Fix firefox video tab crash with rust 1.51
2021-07-08 15:18:30 +08:00

61 lines
2.3 KiB
Diff
Raw Blame History

# HG changeset patch
# User Jed Davis <jld@mozilla.com>
# Date 1598606638 0
# Node ID a65fc6aca1f2337cb5e8e69f50b539d3c0de95ab
# Parent a6c226548fa02c3ac4681499103cd85217c6de07
Bug 1660901 - Support the fstat-like subset of fstatat in the Linux sandbox policies. r=gcp, a=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D88499
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -238,16 +238,22 @@ class SandboxPolicyCommon : public Sandb
}
static intptr_t StatAtTrap(ArgsRef aArgs, void* aux) {
auto broker = static_cast<SandboxBrokerClient*>(aux);
auto fd = static_cast<int>(aArgs.args[0]);
auto path = reinterpret_cast<const char*>(aArgs.args[1]);
auto buf = reinterpret_cast<statstruct*>(aArgs.args[2]);
auto flags = static_cast<int>(aArgs.args[3]);
+
+ if (fd != AT_FDCWD && (flags & AT_EMPTY_PATH) != 0 &&
+ strcmp(path, "") == 0) {
+ return ConvertError(fstatsyscall(fd, buf));
+ }
+
if (fd != AT_FDCWD && path[0] != '/') {
SANDBOX_LOG_ERROR("unsupported fd-relative fstatat(%d, \"%s\", %p, %d)",
fd, path, buf, flags);
return BlockedSyscallTrap(aArgs, nullptr);
}
if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0) {
SANDBOX_LOG_ERROR("unsupported flags %d in fstatat(%d, \"%s\", %p, %d)",
(flags & ~AT_SYMLINK_NOFOLLOW), fd, path, buf, flags);
diff --git a/security/sandbox/linux/broker/SandboxBrokerUtils.h b/security/sandbox/linux/broker/SandboxBrokerUtils.h
--- a/security/sandbox/linux/broker/SandboxBrokerUtils.h
+++ b/security/sandbox/linux/broker/SandboxBrokerUtils.h
@@ -14,17 +14,19 @@
// On 32-bit Linux, stat calls are translated by libc into stat64
// calls. We'll intercept those and handle them in the stat functions
// but must be sure to use the right structure layout.
#if defined(__NR_stat64)
typedef struct stat64 statstruct;
# define statsyscall stat64
# define lstatsyscall lstat64
+# define fstatsyscall fstat64
#elif defined(__NR_stat)
typedef struct stat statstruct;
# define statsyscall stat
# define lstatsyscall lstat
+# define fstatsyscall fstat
#else
# error Missing stat syscall include.
#endif
#endif // mozilla_SandboxBrokerUtils_h
Reference in New Issue View Git Blame Copy Permalink