Index: sandbox/linux/seccomp-bpf/trap.cc |
diff --git a/sandbox/linux/seccomp-bpf/trap.cc b/sandbox/linux/seccomp-bpf/trap.cc |
index 78a78ee5d09ac68de5ba711eae428c5f8b0e4b01..d9c4a5e95bfa609b288e73cce39d664a4382f32b 100644 |
--- a/sandbox/linux/seccomp-bpf/trap.cc |
+++ b/sandbox/linux/seccomp-bpf/trap.cc |
@@ -114,17 +114,28 @@ void Trap::SigSys(int nr, siginfo_t *info, void *void_context) { |
// Various sanity checks to make sure we actually received a signal |
// triggered by a BPF filter. If something else triggered SIGSYS |
// (e.g. kill()), there is really nothing we can do with this signal. |
- if (nr != SIGSYS || info->si_code != SYS_SECCOMP || !void_context || |
- info->si_errno <= 0 || |
+ // NOTE: SANDBOX_DIE() can call LOG(FATAL). This is not normally async-signal |
+ // safe and can lead to bugs. We should eventually implement a different |
+ // logging and reporting mechanism that is safe to be called from |
+ // the sigSys() handler. |
+ // TODO: If we feel confident that our code otherwise works correctly, we |
+ // could actually make an argument that spurious SIGSYS should |
+ // just get silently ignored. TBD |
+ if (nr != SIGSYS) { |
+ SANDBOX_DIE("SIGSYS handler called with unexpected signal number %d.", nr); |
+ } |
+ if (info->si_code != SYS_SECCOMP) { |
+ SANDBOX_DIE("SIGSYS handler called with unexpected signal code %x " |
+ "(expected %x).", info->si_code, SYS_SECCOMP); |
+ } |
+ if (!void_context) { |
+ SANDBOX_DIE("SIGSYS handler called without a signal context."); |
+ } |
+ if (info->si_errno <= 0 || |
static_cast<size_t>(info->si_errno) > trap_array_size_) { |
- // SANDBOX_DIE() can call LOG(FATAL). This is not normally async-signal |
- // safe and can lead to bugs. We should eventually implement a different |
- // logging and reporting mechanism that is safe to be called from |
- // the sigSys() handler. |
- // TODO: If we feel confident that our code otherwise works correctly, we |
- // could actually make an argument that spurious SIGSYS should |
- // just get silently ignored. TBD |
- SANDBOX_DIE("Unexpected SIGSYS received."); |
+ SANDBOX_DIE("SIGSYS handler called for unexpected trap number %d. We " |
+ "expect traps to be bigger than 0 and less or equal to %d.", |
+ info->si_errno, trap_array_size_); |
} |
// Signal handlers should always preserve "errno". Otherwise, we could |