View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000159 | file | General | public | 2020-04-28 22:07 | 2020-05-30 23:56 |
| Reporter | Lambda | Assigned To | christos | ||
| Priority | normal | Severity | crash | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 5.38 | ||||
| Fixed in Version | 5.39 | ||||
| Summary | 0000159: Missing seccomp whitelist entry for getpid() | ||||
| Description | file_pipe2file() creates a new temporary file using mktemp()/mkstemp(), which use getpid() internally (at least in the glibc implementation). If seccomp support is enabled, the program crashes when this syscall is attempted to be used. | ||||
| Steps To Reproduce | $ file --version file-5.38 magic file from /usr/share/file/misc/magic seccomp support included glibc 2.31 A rare case of justified cat abuse can be employed to demonstrate the crash in file_pipe2file() (which is currently only used in file_tryelf()): $ cat /bin/file | file - Bad system call | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-04-28 22:07 | Lambda | New Issue | |
| 2020-05-30 23:56 | christos | Assigned To | => christos |
| 2020-05-30 23:56 | christos | Status | new => assigned |
| 2020-05-30 23:56 | christos | Status | assigned => resolved |
| 2020-05-30 23:56 | christos | Resolution | open => fixed |
| 2020-05-30 23:56 | christos | Fixed in Version | => 5.39 |
| 2020-05-30 23:56 | christos | Note Added: 0003417 |
