Subject: bin/29654: systrace might corrupt syscall arguments
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-bugs
Date: 03/10/2005 21:30:00
>Number:         29654
>Category:       bin
>Synopsis:       systrace might corrupt syscall arguments
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Mar 10 21:30:00 +0000 2005
>Originator:     Christian Biere
>Release:        NetBSD 2.99.11
>Environment:
System: NetBSD cyclonus 2.99.11 NetBSD 2.99.11 (STARSCREAM) #4: Fri Jan 7 14:02:19 CET 2005 bin@cyclonus:/usr/obj/sys/arch/i386/compile/STARSCREAM i386
Architecture: i386
Machine: i386
>Description:
When using systrace with pkgsrc/www/links I get the following log message:

Mar 10 21:59:02 localhost systrace: deny user: user, prog: /usr/pkg/bin/links, pid: 5940(0)[0], policy: /usr/pkg/bin/links, filters: 71, syscall: netbsd-connect(98), sockaddr: family(252)

After that, the process hangs in "systrmsg":
5940 user   10    0  4488K 4352K systrmsg   0:00  0.00%  0.00% links

links uses PF_INET, not protocol family 252. The connect() call happens
in connect.c dns_found(). By default, links fork()s a process to work around
the blocking nature of gethostbyname(), and this bug is probably related
to bin/29607 because the connect() call gets interrupted by SIGCHLD. If
I modify links to ignore SIGCHLD instead of catching it, the problem
disappears.

I suppose that either the kernel part of systrace causes a partial
copy or corruption of the syscall data, or that it's caused by the
filter and/or log code in the userland part.

>How-To-Repeat:

Install pkgsrc/www/links.
systrace -A links http://www.example.com/
systrace -a links http://www.example.com/

However, if you use "netbsd-connect: permit" in the policy (leave out
any conditions or logging), the problem doesn't occur.

I tried to extend the program in bin/29607 to reproduce this problem
but couldn't trigger it.

>Fix:
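The report above turns on one detail: links installs a SIGCHLD handler, so a blocking syscall in the parent is interrupted (EINTR) when the forked resolver exits, whereas with SIGCHLD ignored nothing interrupts it. The program below is an added example, not part of the PR or of links, that isolates exactly that difference. It uses poll() on an empty pipe as a stand-in for the blocking connect() so it runs offline without a network, and a child that exits after a short sleep as a stand-in for the forked gethostbyname() helper. It does not reproduce the systrace argument corruption itself; the timeout and sleep values are arbitrary choices for the demonstration.

```c
/* Added example (not from the PR): a caught SIGCHLD interrupts a blocking
 * syscall in the parent; an ignored SIGCHLD does not. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

static volatile sig_atomic_t sigchld_seen;

static void on_sigchld(int sig)
{
    (void)sig;
    sigchld_seen = 1;
}

/* Blocks in poll() on a pipe nobody writes to while a child exits.
 * catch_sigchld != 0: install a handler (no SA_RESTART), like links.
 * catch_sigchld == 0: set SIGCHLD to SIG_IGN, like the modified links.
 * Returns 0 if the call ran to completion (here: the timeout expired),
 * otherwise the errno it failed with (EINTR when the handler fired). */
int blocking_call_with_child(int catch_sigchld, int timeout_ms)
{
    int fds[2];
    if (pipe(fds) == -1)
        return errno;

    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;                              /* deliberately no SA_RESTART */
    sa.sa_handler = catch_sigchld ? on_sigchld : SIG_IGN;
    sigchld_seen = 0;
    sigaction(SIGCHLD, &sa, NULL);

    pid_t pid = fork();
    if (pid == -1) {
        int e = errno;
        close(fds[0]);
        close(fds[1]);
        return e;
    }
    if (pid == 0) {
        struct timespec ts = { 0, 50 * 1000 * 1000 };  /* 50 ms, arbitrary */
        nanosleep(&ts, NULL);
        _exit(0);                         /* "resolver done": SIGCHLD to parent */
    }

    struct pollfd pfd = { fds[0], POLLIN, 0 };
    int rc = poll(&pfd, 1, timeout_ms);   /* no writer: blocks until timeout or signal */
    int result = (rc == -1) ? errno : 0;

    waitpid(pid, NULL, 0);                /* with SIG_IGN this may just report ECHILD */
    close(fds[0]);
    close(fds[1]);
    signal(SIGCHLD, SIG_DFL);
    return result;
}

int main(void)
{
    int caught  = blocking_call_with_child(1, 1000);
    int ignored = blocking_call_with_child(0, 1000);
    printf("handler installed: %s (handler ran: %d)\n",
           caught == EINTR ? "EINTR" : strerror(caught), (int)sigchld_seen);
    printf("SIGCHLD ignored:   %s\n", ignored == 0 ? "completed normally" : strerror(ignored));
    return 0;
}
```

Run it twice mentally against the report: with the handler, poll() returns -1/EINTR as soon as the child exits, which is the state in which systrace logged the bogus address family; with SIG_IGN, nothing wakes the parent early and the call finishes on its own, matching the observation that the problem disappears when links ignores SIGCHLD.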