author | netblue30 <netblue30@yahoo.com> | 2015-12-12 10:31:52 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-12-12 10:31:52 -0500 |
commit | f73d1fa4423298a5f66ef3fb6184f76fac327bd3 (patch) | |
tree | b205d8d7a9618837d43d5ee38957b41101c82e33 | |
parent | fixed --disable-chroot compilation (diff) | |
tracelog fixes
-rw-r--r-- | etc/transmission-gtk.profile | 2 | ||||
-rw-r--r-- | etc/transmission-qt.profile | 1 | ||||
-rw-r--r-- | src/libtracelog/libtracelog.c | 56 |
3 files changed, 41 insertions, 18 deletions
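--- a/etc/transmission-gtk.profile
+++ b/etc/transmission-gtk.profile
@@ -13,5 +13,7 @@ seccomp
 protocol unix,inet,inet6
 netfilter
 noroot
+tracelog
+
 
 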
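--- a/etc/transmission-qt.profile
+++ b/etc/transmission-qt.profile
@@ -13,4 +13,5 @@ seccomp
 protocol unix,inet,inet6
 netfilter
 noroot
+tracelog
 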
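--- a/src/libtracelog/libtracelog.c
+++ b/src/libtracelog/libtracelog.c
@@ -66,6 +66,13 @@ static void storage_add(const char *str) {
 #ifdef DEBUG
 printf("add %s\n", str);
 #endif
+if (!str) {
+#ifdef DEBUG
+printf("null pointer passed to storage_add\n");
+#endif
+return;
+}
+
 ListElem *ptr = malloc(sizeof(ListElem));
 if (!ptr) {
 fprintf(stderr, "Error: cannot allocate memory\n");
@@ -88,6 +95,12 @@ static char *storage_find(const char *str) {
 #ifdef DEBUG
 printf("storage find %s\n", str);
 #endif
+if (!str) {
+#ifdef DEBUG
+printf("null pointer passed to storage_find\n");
+#endif
+return NULL;
+}
 const char *tofind = str;
 int allocated = 0;
 
@@ -193,6 +206,13 @@ void load_blacklist(void) {
 
 
 static void sendlog(const char *name, const char *call, const char *path) {
+if (!name || !call || !path) {
+#ifdef DEBUG
+printf("null pointer passed to sendlog\n");
+#endif
+return;
+}
+
 openlog ("firejail", LOG_CONS | LOG_PID | LOG_NDELAY, LOG_LOCAL1);
 if (sandbox_pid_str && sandbox_name_str)
 syslog (LOG_INFO, "blacklist violation - sandbox %s, name %s, exe %s, syscall %s, path %s",
@@ -268,7 +288,7 @@ typedef int (*orig_open_t)(const char *pathname, int flags, mode_t mode);
 static orig_open_t orig_open = NULL;
 int open(const char *pathname, int flags, mode_t mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_open)
 orig_open = (orig_open_t)dlsym(RTLD_NEXT, "open");
@@ -310,7 +330,7 @@ typedef int (*orig_openat_t)(int dirfd, const char *pathname, int flags, mode_t
 static orig_openat_t orig_openat = NULL;
 int openat(int dirfd, const char *pathname, int flags, mode_t mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_openat)
 orig_openat = (orig_openat_t)dlsym(RTLD_NEXT, "openat");
@@ -327,7 +347,7 @@ typedef int (*orig_openat64_t)(int dirfd, const char *pathname, int flags, mode_
 static orig_openat64_t orig_openat64 = NULL;
 int openat64(int dirfd, const char *pathname, int flags, mode_t mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_openat64)
 orig_openat64 = (orig_openat64_t)dlsym(RTLD_NEXT, "openat64");
@@ -344,7 +364,7 @@ int openat64(int dirfd, const char *pathname, int flags, mode_t mode) {
 // fopen
 FILE *fopen(const char *pathname, const char *mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_fopen)
 orig_fopen = (orig_fopen_t)dlsym(RTLD_NEXT, "fopen");
@@ -360,7 +380,7 @@ FILE *fopen(const char *pathname, const char *mode) {
 #ifdef __GLIBC__
 FILE *fopen64(const char *pathname, const char *mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_fopen64)
 orig_fopen64 = (orig_fopen_t)dlsym(RTLD_NEXT, "fopen64");
@@ -380,7 +400,7 @@ typedef FILE *(*orig_freopen_t)(const char *pathname, const char *mode, FILE *st
 static orig_freopen_t orig_freopen = NULL;
 FILE *freopen(const char *pathname, const char *mode, FILE *stream) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_freopen)
 orig_freopen = (orig_freopen_t)dlsym(RTLD_NEXT, "freopen");
@@ -398,7 +418,7 @@ typedef FILE *(*orig_freopen64_t)(const char *pathname, const char *mode, FILE *
 static orig_freopen64_t orig_freopen64 = NULL;
 FILE *freopen64(const char *pathname, const char *mode, FILE *stream) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_freopen64)
 orig_freopen64 = (orig_freopen64_t)dlsym(RTLD_NEXT, "freopen64");
@@ -417,7 +437,7 @@ typedef int (*orig_unlink_t)(const char *pathname);
 static orig_unlink_t orig_unlink = NULL;
 int unlink(const char *pathname) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_unlink)
 orig_unlink = (orig_unlink_t)dlsym(RTLD_NEXT, "unlink");
@@ -434,7 +454,7 @@ typedef int (*orig_unlinkat_t)(int dirfd, const char *pathname, int flags);
 static orig_unlinkat_t orig_unlinkat = NULL;
 int unlinkat(int dirfd, const char *pathname, int flags) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_unlinkat)
 orig_unlinkat = (orig_unlinkat_t)dlsym(RTLD_NEXT, "unlinkat");
@@ -452,7 +472,7 @@ typedef int (*orig_mkdir_t)(const char *pathname, mode_t mode);
 static orig_mkdir_t orig_mkdir = NULL;
 int mkdir(const char *pathname, mode_t mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_mkdir)
 orig_mkdir = (orig_mkdir_t)dlsym(RTLD_NEXT, "mkdir");
@@ -469,7 +489,7 @@ typedef int (*orig_mkdirat_t)(int dirfd, const char *pathname, mode_t mode);
 static orig_mkdirat_t orig_mkdirat = NULL;
 int mkdirat(int dirfd, const char *pathname, mode_t mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_mkdirat)
 orig_mkdirat = (orig_mkdirat_t)dlsym(RTLD_NEXT, "mkdirat");
@@ -486,7 +506,7 @@ typedef int (*orig_rmdir_t)(const char *pathname);
 static orig_rmdir_t orig_rmdir = NULL;
 int rmdir(const char *pathname) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_rmdir)
 orig_rmdir = (orig_rmdir_t)dlsym(RTLD_NEXT, "rmdir");
@@ -504,7 +524,7 @@ typedef int (*orig_stat_t)(const char *pathname, struct stat *buf);
 static orig_stat_t orig_stat = NULL;
 int stat(const char *pathname, struct stat *buf) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_stat)
 orig_stat = (orig_stat_t)dlsym(RTLD_NEXT, "stat");
@@ -522,7 +542,7 @@ typedef int (*orig_stat64_t)(const char *pathname, struct stat64 *buf);
 static orig_stat64_t orig_stat64 = NULL;
 int stat64(const char *pathname, struct stat64 *buf) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_stat)
 orig_stat64 = (orig_stat64_t)dlsym(RTLD_NEXT, "stat64");
@@ -540,7 +560,7 @@ typedef int (*orig_lstat_t)(const char *pathname, struct stat *buf);
 static orig_lstat_t orig_lstat = NULL;
 int lstat(const char *pathname, struct stat *buf) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_lstat)
 orig_lstat = (orig_lstat_t)dlsym(RTLD_NEXT, "lstat");
@@ -558,7 +578,7 @@ typedef int (*orig_lstat64_t)(const char *pathname, struct stat64 *buf);
 static orig_lstat64_t orig_lstat64 = NULL;
 int lstat64(const char *pathname, struct stat64 *buf) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_lstat)
 orig_lstat64 = (orig_lstat64_t)dlsym(RTLD_NEXT, "lstat64");
@@ -577,7 +597,7 @@ typedef int (*orig_access_t)(const char *pathname, int mode);
 static orig_access_t orig_access = NULL;
 int access(const char *pathname, int mode) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s, %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_access)
 orig_access = (orig_access_t)dlsym(RTLD_NEXT, "access");
@@ -595,7 +615,7 @@ typedef DIR *(*orig_opendir_t)(const char *pathname);
 static orig_opendir_t orig_opendir = NULL;
 DIR *opendir(const char *pathname) {
 #ifdef DEBUG
-printf("%s\n", __FUNCTION__);
+printf("%s %s\n", __FUNCTION__, pathname);
 #endif
 if (!orig_opendir)
 orig_opendir = (orig_opendir_t)dlsym(RTLD_NEXT, "opendir");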
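Review bot: The `stat64` and `lstat64` wrappers guard their lazy symbol lookup with the wrong pointer: the context lines of those two hunks test `if (!orig_stat)` before assigning `orig_stat64`, and `if (!orig_lstat)` before assigning `orig_lstat64`. Once `stat()` or `lstat()` has resolved its own pointer, the 64-bit variant skips `dlsym` and its pointer stays NULL; the call through it lies outside the hunk, but it would presumably crash the sandboxed process, which matters more now that this commit enables `tracelog` in two profiles. The guards should read `if (!orig_stat64)` and `if (!orig_lstat64)`. Separately, in `storage_add` and `storage_find` the new NULL checks sit after the DEBUG `printf` that already formats `str` with `%s`, so they should move above that `#ifdef DEBUG` block; the new `printf("%s %s\n", __FUNCTION__, pathname)` lines in the wrappers likewise pass a possibly-NULL `pathname` to `%s` in DEBUG builds.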