Prevent wob from doing fstat syscall in pledged environment

fixes #62
francma · Feb 6, 2021 · ce6fea7 · ce6fea7
1 parent 93b9351
commit ce6fea7
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 1 deletion.
diff --git a/main.c b/main.c
@@ -20,6 +20,8 @@
 
 #define MIN(a, b) (((a) < (b)) ? (a) : (b))
 
+#define STDIN_BUFFER_LENGTH INPUT_BUFFER_LENGTH
+
 #define _POSIX_C_SOURCE 200809L
 #include <errno.h>
 #include <getopt.h>
@@ -469,12 +471,22 @@ wob_draw_percentage(const struct wob_geom *geom, uint32_t *argb, struct wob_colo
 	}
 }
 
+static char stdin_buffer[STDIN_BUFFER_LENGTH];
+
 int
 main(int argc, char **argv)
 {
 	wob_log_use_colors(isatty(STDERR_FILENO));
 	wob_log_level_warn();
 
+	// libc is doing fstat syscall to determine the optimal buffer size and that can be problematic to wob_pledge()
+	// to solve this problem we can just pass the optimal buffer ourselves
+	if (setvbuf(stdin, stdin_buffer, _IOFBF, sizeof(stdin_buffer)) != 0) {
+		wob_log_error("Failed to set stdin buffer size to %zu", sizeof(stdin_buffer));
+
+		return EXIT_FAILURE;
+	}
+
 	const char *usage =
 		"Usage: wob [options]\n"
 		"\n"

diff --git a/pledge_seccomp.c b/pledge_seccomp.c
@@ -21,7 +21,6 @@ wob_pledge(void)
 		SCMP_SYS(exit),
 		SCMP_SYS(exit_group),
 		SCMP_SYS(fcntl),
-		SCMP_SYS(fstat),
 		SCMP_SYS(gettimeofday),
 		SCMP_SYS(poll),
 		SCMP_SYS(ppoll),