Lunar:
> David Goulet:
> > Now the issue was detected with firefox which uses a custom malloc hook
> > meaning that it handles its own memory allocation. This hook uses mmap()
> > that firefox redefines to be a direct syscall(__NR_mmap, ...) and
> > remember that this symbol is hijacked by torsocks.
> > […]
> > It's a bit of a catch 22 because torsocks is basically looking for the
> > libc syscall symbol but then it gets called inside that lookup code
> > path...
>
> Wouldn't one way out be to also hook malloc to use a static buffer until
> dlsym() is done? The code snippet in the following answer is doing just
> that: <http://stackoverflow.com/a/10008252>
Meh… scratch that. It looks like defining calloc() in libtorsocks.so is not enough to have our own function called. Not sure why. With the attached patch, at least we panic cleanly.

-- 
Lunar <lu...@torproject.org>
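The "static buffer until dlsym() is done" bootstrap that the quoted message proposes, written out as an added example; it is not code from this thread or from torsocks. The names (shim_calloc, shim_free, bootstrap_calloc, resolve_real_calloc) are hypothetical: in a real LD_PRELOAD shim shim_calloc/shim_free would be exported as calloc/free, and resolve_real_calloc stands in for dlsym(RTLD_NEXT, "calloc"), which like the real dlsym allocates while it resolves and so re-enters the hook.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define ARENA_SIZE 65536
#define ALIGN 16

typedef void *(*calloc_fn)(size_t, size_t);

/* Static arena that serves allocations until the real calloc is known. */
static _Alignas(ALIGN) char bootstrap_arena[ARENA_SIZE];
static size_t arena_used;
static calloc_fn real_calloc;      /* NULL until the lookup has completed */
static int lookup_in_progress;

int shim_in_arena(const void *p) {
    const char *c = p;
    return c >= bootstrap_arena && c < bootstrap_arena + ARENA_SIZE;
}
size_t shim_arena_used(void) { return arena_used; }
int shim_bootstrapped(void) { return real_calloc != NULL; }

/* Bump allocator over the arena: memory is never reused, so the zero-filled
 * static storage satisfies calloc's contract without a memset. */
void *bootstrap_calloc(size_t nmemb, size_t size) {
    if ((size != 0 && nmemb > SIZE_MAX / size) || nmemb * size > ARENA_SIZE) {
        errno = ENOMEM; return NULL;
    }
    size_t bytes = (nmemb * size + ALIGN - 1) & ~(size_t)(ALIGN - 1);
    if (bytes > ARENA_SIZE - arena_used) { errno = ENOMEM; return NULL; }
    void *p = bootstrap_arena + arena_used;
    arena_used += bytes;
    return p;
}

void *shim_calloc(size_t nmemb, size_t size);

/* Hypothetical stand-in for dlsym(RTLD_NEXT, "calloc"): it allocates while
 * resolving, which re-enters shim_calloc exactly as the thread describes. */
static calloc_fn resolve_real_calloc(void) {
    void *scratch = shim_calloc(1, 64);     /* must be served from the arena */
    return scratch != NULL ? calloc : NULL;
}

void *shim_calloc(size_t nmemb, size_t size) {
    if (real_calloc == NULL) {
        /* Re-entrant call during the lookup: use the arena, don't recurse. */
        if (lookup_in_progress) return bootstrap_calloc(nmemb, size);
        lookup_in_progress = 1;
        real_calloc = resolve_real_calloc();
        lookup_in_progress = 0;
        if (real_calloc == NULL) { errno = ENOMEM; return NULL; }
    }
    return real_calloc(nmemb, size);
}

void shim_free(void *p) {
    if (p == NULL || shim_in_arena(p)) return;  /* arena memory is never freed */
    free(p);
}
```

The free side matters as much as the allocation side: a pointer handed out from the arena must be recognised and ignored, or the real free() would be handed memory it never allocated.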
diff --git a/src/lib/syscall.c b/src/lib/syscall.c index 0edd460..d520c0a 100644 --- a/src/lib/syscall.c +++ b/src/lib/syscall.c @@ -17,6 +17,8 @@ #include <assert.h> #include <stdarg.h> +#include <stdlib.h> +#include <stdio.h> #include <common/log.h> @@ -112,6 +114,19 @@ LIBC_SYSCALL_DECL LIBC_SYSCALL_RET_TYPE ret; va_list args; +#if defined(SYS_mmap) || defined(SYS_mmap2) + if (NULL == tsocks_libc_syscall) { + switch (__number) { + case SYS_mmap: +#ifdef SYS_mmap2 + case SYS_mmap2: +#endif + fprintf(stderr, "Panic! mmap has been called before we had our hands on the real syscall()\n"); + exit(EXIT_FAILURE); + break; + } + } +#endif /* Find symbol if not already set. Exit if not found. */ tsocks_libc_syscall = tsocks_find_libc_symbol(LIBC_SYSCALL_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND);
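Review bot: in the second hunk, exit(EXIT_FAILURE) on the mmap/mmap2 panic path runs atexit handlers and flushes stdio, and with tsocks_libc_syscall still NULL any allocation those trigger can land back in this same hooked syscall(); _exit(EXIT_FAILURE), or abort() if a core dump is wanted, terminates without re-entering. The `break;` after exit() is unreachable and can go. A one-line comment above the `#if` explaining why only the mmap family is special-cased (the lookup itself needs memory, so an mmap arriving before the real syscall() is known cannot be served) would save the next reader a trip back to this thread.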
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev