#include <errno.h>
#include <string.h>
#include <syslog.h>
+#include <limits.h>
#ifndef PTRACE_EVENT_STOP
/* PTRACE_EVENT_STOP is defined in linux/ptrace.h, but this header
case SECCOMP_TRACE:
preload = "/lib/libpreload-seccomp.so";
newenv = 2;
- asprintf(&_envp[1], "SECCOMP_FILE=%s", json ? json : "");
+ if (asprintf(&_envp[1], "SECCOMP_FILE=%s", json ? json : "") < 0)
+ ULOG_ERR("failed to allocate SECCOMP_FILE env: %m\n");
+
kill(getpid(), SIGSTOP);
break;
}
- asprintf(&_envp[0], "LD_PRELOAD=%s%s%s", preload,
- old_preload ? ":" : "",
- old_preload ? old_preload : "");
+ if (asprintf(&_envp[0], "LD_PRELOAD=%s%s%s", preload,
+ old_preload ? ":" : "",
+ old_preload ? old_preload : "") < 0)
+ ULOG_ERR("failed to allocate LD_PRELOAD env: %m\n");
+
memcpy(&_envp[newenv], envp, envc * sizeof(char *));
ret = execve(_argv[0], _argv, _envp);
- ULOG_ERR("failed to exec %s: %s\n", _argv[0], strerror(errno));
+ ULOG_ERR("failed to exec %s: %m\n", _argv[0]);
free(_argv);
free(_envp);
return -1;
}
+ /* Initialize uloop to catch all ptrace stops from now on. */
+ uloop_init();
+
int ptrace_options = PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE;
switch (mode) {
case UTRACE:
break;
}
if (ptrace(PTRACE_SEIZE, child, 0, ptrace_options) == -1) {
- ULOG_ERR("PTRACE_SEIZE: %s\n", strerror(errno));
+ ULOG_ERR("PTRACE_SEIZE: %m\n");
return -1;
}
if (ptrace(ptrace_restart, child, 0, SIGCONT) == -1) {
- ULOG_ERR("ptrace_restart: %s\n", strerror(errno));
+ ULOG_ERR("ptrace_restart: %m\n");
return -1;
}
- uloop_init();
tracer.proc.pid = child;
tracer.proc.cb = tracer_cb;
uloop_process_add(&tracer.proc);
case UTRACE:
if (!json)
if (asprintf(&json, "/tmp/%s.%u.json", basename(*argv), child) < 0)
- ULOG_ERR("failed to allocate output path: %s\n", strerror(errno));
+ ULOG_ERR("failed to allocate output path: %m\n");
break;
case SECCOMP_TRACE:
if (!violation_count)
return 0;
- asprintf(&json, "/tmp/%s.%u.violations.json", basename(*argv), child);
+ if (asprintf(&json, "/tmp/%s.%u.violations.json", basename(*argv), child) < 0)
+ ULOG_ERR("failed to allocate violations output path: %m\n");
break;
}
print_syscalls(policy, json);