Hi Tim,
Thanks for the finding! A quick fix would be to check if snaplen was previously
set and only apply the pledge if it wasn't.
Otherwise I can just revert it back. Comments?
Index: pflogd.c
===================================================================
RCS file: /cvs/src/sbin/pflogd/pflogd.c,v
retrieving revision 1.53
diff -u -p -u -r1.53 pflogd.c
--- pflogd.c 16 Jan 2016 03:17:48 -0000 1.53
+++ pflogd.c 4 Jul 2017 14:30:47 -0000
@@ -557,6 +557,7 @@ main(int argc, char **argv)
const char *errstr = NULL;
ret = 0;
+ setsnaplen = 0;
closefrom(STDERR_FILENO + 1);
@@ -583,6 +584,7 @@ main(int argc, char **argv)
snaplen = DEF_SNAPLEN;
if (errstr)
snaplen = PFLOGD_MAXSNAPLEN;
+ setsnaplen = 1;
break;
case 'x':
Xflag = 1;
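Review bot: setting setsnaplen = 1 only in the snaplen option case does not cover the other way into the failing path. In the quoted report the abort follows "Existing file has different snaplen 160, using it" and PRIV_SET_SNAPLENGTH, which depends on the log file's snaplen differing from the one in use, not on the option having been given. Started without the option against a log file written with a non-default snaplen, setsnaplen stays 0, the pledge is applied, and the same BIOCSETF ioctl would be reached. The flag should follow the snaplen mismatch itself rather than the command line. Also, the new assignment sits directly after an unbraced "if (errstr)"; keep it indented at the case level so it reads as unconditional.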
Index: pflogd.h
===================================================================
RCS file: /cvs/src/sbin/pflogd/pflogd.h,v
retrieving revision 1.5
diff -u -p -u -r1.5 pflogd.h
--- pflogd.h 10 Oct 2015 22:36:06 -0000 1.5
+++ pflogd.h 4 Jul 2017 14:30:47 -0000
@@ -47,3 +47,4 @@ void send_fd(int, int);
int receive_fd(int);
extern int Debug;
+int setsnaplen;
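Review bot: "int setsnaplen;" in pflogd.h is a definition rather than a declaration, so every file that includes the header gets its own tentative definition of the variable. The context line just above uses "extern int Debug;", and the new variable should follow it: "extern int setsnaplen;" in the header, with the single definition in pflogd.c. Once it is defined at file scope, the "setsnaplen = 0;" added at the top of main() is redundant.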
Index: privsep.c
===================================================================
RCS file: /cvs/src/sbin/pflogd/privsep.c,v
retrieving revision 1.25
diff -u -p -u -r1.25 privsep.c
--- privsep.c 12 Jun 2017 23:37:44 -0000 1.25
+++ privsep.c 4 Jul 2017 14:30:47 -0000
@@ -118,8 +118,10 @@ priv_init(void)
setproctitle("[priv]");
close(socks[1]);
- if (pledge("stdio rpath wpath cpath sendfd proc bpf", NULL) == -1)
- err(1, "pledge");
+ if (setsnaplen == 0) {
+ if (pledge("stdio rpath wpath cpath sendfd proc bpf", NULL) ==
-1)
+ err(1, "pledge");
+ }
while (!gotsig_chld) {
if (may_read(socks[0], &cmd, sizeof(int)))
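Review bot: when setsnaplen is non-zero the priv process now runs with no pledge at all for its whole lifetime, which gives up far more than the reported failure requires. The dmesg line names a single missing promise for the ioctl issued from pcap_setfilter(), while the promise list here already contains "bpf". Consider keeping the pledge unconditional and resolving why BIOCSETF is not permitted under it, or applying the pledge once the PRIV_SET_SNAPLENGTH request has been served, instead of dropping it. If the conditional stays, it needs a comment saying why the pledge is skipped, since "if (setsnaplen == 0)" around a pledge call is not self-explanatory.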
On 15:49 Tue 04 Jul , Tim van der Molen wrote:
> Ricardo Mestre (2017-06-13 01:37 +0200):
> > CVSROOT: /cvs
> > Module name: src
> > Changes by: [email protected] 2017/06/12 17:37:44
> >
> > Modified files:
> > sbin/pflogd : privsep.c
> >
> > Log message:
> > pledge(2) bpf has been in use for some time now on tcpdump(8), this will
> > enable it also for pflogd(8)'s priv proc.
> >
> > OK deraadt@
>
> This is a problem if the logfile has a different snaplen:
>
> sigma:/usr/src/sbin/pflogd $ doas obj/pflogd -Ds 200
> [priv]: msg PRIV_OPEN_LOG received
> Existing file has different snaplen 160, using it
> [priv]: msg PRIV_SET_SNAPLENGTH received
> Abort trap (core dumped)
>
> dmesg:
>
> pflogd(27017): syscall 54 "tty"
>
> Backtrace:
>
> #0 0x000010e809fd8f9a in ioctl () at {standard input}:5
> #1 0x000010e817f4ee76 in pcap_setfilter (p=0x10e81e1cfe00, fp=0x7f7ffffe13d0) at /usr/src/lib/libpcap/pcap-bpf.c:923
> #2 0x000010e603201624 in set_pcap_filter () at /usr/src/sbin/pflogd/pflogd.c:188
> #3 0x000010e603202384 in priv_init () at /usr/src/sbin/pflogd/privsep.c:187
> #4 0x000010e603201a0b in main (argc=3, argv=0x7f7ffffe1918) at /usr/src/sbin/pflogd/pflogd.c:633
>
> /usr/src/lib/libpcap/pcap-bpf.c:923:
>
> } else if (ioctl(p->fd, BIOCSETF, (caddr_t)fp) < 0) {
>