1. 16 Nov, 2017 2 commits
  2. 05 Jul, 2017 1 commit
  3. 16 Jun, 2017 1 commit
  4. 26 Apr, 2017 1 commit
    • Nick Mathewson's avatar
      Add getpid() to the seccomp2 sandbox. · 99e94399
      Nick Mathewson authored
      We hadn't needed this before, because most getpid() callers on Linux
      were looking at the vDSO version of getpid().  I don't know why at
      least one version of OpenSSL seems to be ignoring the vDSO, but this
      change should fix it.
      
      Fixes bug 21943; bugfix on 0.2.5.1-alpha when the sandbox was
      introduced.
      99e94399
  5. 01 Dec, 2016 1 commit
  6. 05 Sep, 2016 1 commit
  7. 23 Aug, 2016 1 commit
  8. 21 Jul, 2016 1 commit
  9. 11 Jul, 2016 1 commit
    • Peter Palfrader's avatar
      Add (SOCK_DGRAM, IPPROTO_UDP) sockets to the sandboxing whitelist · 36b06be7
      Peter Palfrader authored
      If we did not find a non-private IPaddress by iterating over interfaces,
      we would try to get one via
      get_interface_address6_via_udp_socket_hack().  This opens a datagram
      socket with IPPROTO_UDP.  Previously all our datagram sockets (via
      libevent) used IPPROTO_IP, so we did not have that in the sandboxing
      whitelist.  Add (SOCK_DGRAM, IPPROTO_UDP) sockets to the sandboxing
      whitelist.  Fixes bug 19660.
      36b06be7
  10. 08 Jul, 2016 1 commit
  11. 05 Jul, 2016 1 commit
    • Nick Mathewson's avatar
      Grammar. · 8ba4ba0a
      Nick Mathewson authored
      I grepped and hand-inspected the "it's" instances, to see if any
      were supposed to be possessive.  While doing that, I found a
      "the the", so I grepped to see if there were any more.
      8ba4ba0a
  12. 17 Jun, 2016 1 commit
    • cypherpunks's avatar
      Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS · 94762e37
      cypherpunks authored and Nick Mathewson's avatar Nick Mathewson committed
      The Autoconf macro AC_USE_SYSTEM_EXTENSIONS defines preprocessor macros
      which turn on extensions to C and POSIX. The macro also makes it easier
      for developers to use the extensions without needing (or forgetting) to
      define them manually.
      
      The macro can be safely used because it was introduced in Autoconf 2.60
      and Tor requires Autoconf 2.63 and above.
      94762e37
  13. 11 Jun, 2016 1 commit
  14. 26 Mar, 2016 2 commits
  15. 22 Mar, 2016 1 commit
  16. 14 Mar, 2016 2 commits
  17. 27 Feb, 2016 1 commit
  18. 24 Feb, 2016 1 commit
  19. 16 Dec, 2015 1 commit
  20. 15 Dec, 2015 1 commit
    • cypherpunks's avatar
      Fix backtrace compilation on FreeBSD · 07cca627
      cypherpunks authored and Nick Mathewson's avatar Nick Mathewson committed
      On FreeBSD backtrace(3) uses size_t instead of int (as glibc does). This
      causes integer precision loss errors when we used int to store its
      results.
      
      The issue is fixed by using size_t to store the results of backtrace(3).
      
      The manual page of glibc does not mention that backtrace(3) returns
      negative values. Therefore, no unsigned integer wrapping occurs when its
      result is stored in an unsigned data type.
      07cca627
  21. 08 Dec, 2015 1 commit
  22. 15 Oct, 2015 2 commits
  23. 15 Jun, 2015 1 commit
    • Nick Mathewson's avatar
      Fix another seccomp2 issue · 59fa0c2d
      Nick Mathewson authored
      Allow pipe() and pipe2() syscalls; we need these when eventfd2()
      support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha.  Patch
      from "teor".
      59fa0c2d
  24. 02 Jun, 2015 1 commit
  25. 28 May, 2015 1 commit
  26. 04 Mar, 2015 1 commit
  27. 23 Feb, 2015 1 commit
  28. 11 Feb, 2015 1 commit
    • Nick Mathewson's avatar
      Fix crash on glibc __libc_message() · f5f6d13e
      Nick Mathewson authored
      __libc_message() tries to open /dev/tty with O_RDWR, but the sandbox
      catches that and calls it a crash.  Instead, I'm making the sandbox
      setenv LIBC_FATAL_STDERR_, so that glibc uses stderr instead.
      
      Fix for 14759, bugfix on 0.2.5.1-alpha
      f5f6d13e
  29. 02 Jan, 2015 1 commit
  30. 30 Dec, 2014 1 commit
  31. 23 Dec, 2014 2 commits
  32. 28 Oct, 2014 1 commit
  33. 29 Sep, 2014 1 commit
  34. 02 Sep, 2014 1 commit
    • Nick Mathewson's avatar
      Another clang analyzer complaint wrt HT_GENERATE · 00ffccd9
      Nick Mathewson authored
      We're calling mallocfn() and reallocfn() in the HT_GENERATE macro
      with the result of a product.  But that makes any sane analyzer
      worry about overflow.
      
      This patch keeps HT_GENERATE having its old semantics, since we
      aren't the only project using ht.h.  Instead, define a HT_GENERATE2
      that takes a reallocarrayfn.
      00ffccd9
  35. 25 Aug, 2014 1 commit