Add sandbox_is_active() check to dump_desc()

src/or/routerparse.c

@@ -28,6 +28,7 @@
 #include "routerparse.h"
 #include "entrynodes.h"
 #include "torcert.h"
+#include "sandbox.h"
 
 #undef log
 #include <math.h>
@@ -768,35 +769,49 @@ dump_desc(const char *desc, const char *type)
   tor_asprintf(&debugfile_base, "unparseable-desc.%s", digest_sha256_hex);
   debugfile = get_datadir_fname(debugfile_base);
 
-  if (len <= get_options()->MaxUnparseableDescSizeToLog) {
+  if (!sandbox_is_active()) {
-    if (!dump_desc_fifo_bump_hash(digest_sha256)) {
+    if (len <= get_options()->MaxUnparseableDescSizeToLog) {
-      /* Write it, and tell the main log about it */
+      if (!dump_desc_fifo_bump_hash(digest_sha256)) {
-      write_str_to_file(debugfile, desc, 1);
+        /* Write it, and tell the main log about it */
-      log_info(LD_DIR,
+        write_str_to_file(debugfile, desc, 1);
-               "Unable to parse descriptor of type %s with hash %s and "
+        log_info(LD_DIR,
-               "length %lu. See file %s in data directory for details.",
+                 "Unable to parse descriptor of type %s with hash %s and "
-               type, digest_sha256_hex, (unsigned long)len, debugfile_base);
+                 "length %lu. See file %s in data directory for details.",
-
+                 type, digest_sha256_hex, (unsigned long)len,
-      dump_desc_fifo_add_and_clean(debugfile, digest_sha256, len);
+                 debugfile_base);
-      /* Since we handed ownership over, don't free debugfile later */
+        dump_desc_fifo_add_and_clean(debugfile, digest_sha256, len);
-      debugfile = NULL;
+        /* Since we handed ownership over, don't free debugfile later */
+        debugfile = NULL;
+      } else {
+        /* We already had one with this hash dumped */
+        log_info(LD_DIR,
+                 "Unable to parse descriptor of type %s with hash %s and "
+                 "length %lu. Descriptor not dumped because one with that "
+                 "hash has already been dumped.",
+                 type, digest_sha256_hex, (unsigned long)len);
+        /* We do have to free debugfile in this case */
+      }
     } else {
-      /* We already had one with this hash dumped */
+      /* Just log that it happened without dumping */
       log_info(LD_DIR,
                "Unable to parse descriptor of type %s with hash %s and "
-               "length %lu. Descriptor not dumped because one with that hash "
+               "length %lu. Descriptor not dumped because it exceeds maximum"
-               "has already been dumped.",
+               " log size all by itself.",
                type, digest_sha256_hex, (unsigned long)len);
       /* We do have to free debugfile in this case */
     }
   } else {
-    /* Just log that it happened without dumping */
+    /*
+     * Not logging because the sandbox is active and seccomp2 apparently
+     * doesn't have a sensible way to allow filenames according to a pattern
+     * match.  (If we ever figure out how to say "allow writes to /regex/",
+     * remove this checK).
+     */
     log_info(LD_DIR,
-             "Unable to parse descriptor of type %s with hash %s and length "
+             "Unable to parse descriptor of type %s with hash %s and "
-             "%lu. Descriptor not dumped because it exceeds maximum log size "
+             "length %lu. Descriptor not dumped because the sandbox is "
-             "all by itself.",
+             "active",
              type, digest_sha256_hex, (unsigned long)len);
-    /* We do have to free debugfile in this case */
   }
 
   tor_free(debugfile_base);