Lunar: > David Goulet: > > Now the issue was detected with firefox which uses a custom malloc hook > > meaning that it handles its own memory allocation. This hook uses mmap() > > that firefox redefines to be a direct syscall(__NR_mmap, ...) and > > remember that this symbol is hijacked by torsocks. > > […] > > It's a bit of a catch 22 because torsocks is basically looking for the > > libc syscall symbol but then it gets call inside that lookup code > > path... > > Wouldn't one way out be to also hook malloc to use a > static buffer until dlsym() is done? The code snippet in the following > answer is doing just that: > <http://stackoverflow.com/a/10008252>
Meh… scratch that. It looks like defining calloc() in libtorsocks.so is not enough to have our own function called. Not sure why. With the attached patch, at least we panic cleanly. -- Lunar <[email protected]>
diff --git a/src/lib/syscall.c b/src/lib/syscall.c
index 0edd460..d520c0a 100644
--- a/src/lib/syscall.c
+++ b/src/lib/syscall.c
@@ -17,6 +17,8 @@
#include <assert.h>
#include <stdarg.h>
+#include <stdlib.h>
+#include <stdio.h>
#include <common/log.h>
@@ -112,6 +114,19 @@ LIBC_SYSCALL_DECL
LIBC_SYSCALL_RET_TYPE ret;
va_list args;
+#if defined(SYS_mmap) || defined(SYS_mmap2)
+ if (NULL == tsocks_libc_syscall) {
+ switch (__number) {
+ case SYS_mmap:
+#ifdef SYS_mmap2
+ case SYS_mmap2:
+#endif
+ fprintf(stderr, "Panic! mmap has been called before we
had our hands on the real syscall()\n");
+ exit(EXIT_FAILURE);
+ break;
+ }
+ }
+#endif
/* Find symbol if not already set. Exit if not found. */
tsocks_libc_syscall = tsocks_find_libc_symbol(LIBC_SYSCALL_NAME_STR,
TSOCKS_SYM_EXIT_NOT_FOUND);
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
