diff options
Diffstat (limited to '0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch')
| -rw-r--r-- | 0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch b/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch new file mode 100644 index 0000000..427dfcd --- /dev/null +++ b/0002-Bug-1660901-Support-the-fstat-like-subset-of-fstatat.patch @@ -0,0 +1,46 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jed Davis <jld@mozilla.com> +Date: Fri, 28 Aug 2020 09:23:58 +0000 +Subject: [PATCH] Bug 1660901 - Support the fstat-like subset of fstatat in the + Linux sandbox policies. r=gcp + +Differential Revision: https://phabricator.services.mozilla.com/D88499 +--- + security/sandbox/linux/SandboxFilter.cpp | 6 ++++++ + security/sandbox/linux/broker/SandboxBrokerUtils.h | 2 ++ + 2 files changed, 8 insertions(+) + +diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp +index e522d61e065c..4087bdc07e01 100644 +--- a/security/sandbox/linux/SandboxFilter.cpp ++++ b/security/sandbox/linux/SandboxFilter.cpp +@@ -243,6 +243,12 @@ class SandboxPolicyCommon : public SandboxPolicyBase { + auto path = reinterpret_cast<const char*>(aArgs.args[1]); + auto buf = reinterpret_cast<statstruct*>(aArgs.args[2]); + auto flags = static_cast<int>(aArgs.args[3]); ++ ++ if (fd != AT_FDCWD && (flags & AT_EMPTY_PATH) != 0 && ++ strcmp(path, "") == 0) { ++ return ConvertError(fstatsyscall(fd, buf)); ++ } ++ + if (fd != AT_FDCWD && path[0] != '/') { + SANDBOX_LOG_ERROR("unsupported fd-relative fstatat(%d, \"%s\", %p, %d)", + fd, path, buf, flags); +diff --git a/security/sandbox/linux/broker/SandboxBrokerUtils.h b/security/sandbox/linux/broker/SandboxBrokerUtils.h +index 85a006740c2c..db33b5028e77 100644 +--- a/security/sandbox/linux/broker/SandboxBrokerUtils.h ++++ b/security/sandbox/linux/broker/SandboxBrokerUtils.h +@@ -19,10 +19,12 @@ + typedef struct stat64 statstruct; + # define statsyscall stat64 + # define lstatsyscall lstat64 ++# define fstatsyscall fstat64 + #elif defined(__NR_stat) + typedef struct stat statstruct; + # define statsyscall stat + # define lstatsyscall lstat ++# define fstatsyscall fstat + #else + # error Missing stat syscall include. + #endif |