Bug 776988

Summary:	app-misc/mc-4.8.26 Bad system call
Product:	Gentoo Linux	Reporter:	Anton Bolshakov <anton.bugs>
Component:	Current packages	Assignee:	Sergei Trofimovich (RETIRED) <slyfox>
Status:	RESOLVED FIXED
Severity:	normal	CC:	axiator, base-system, daks18, gryf_esm, ivo97, polynomial-c, sam
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://midnight-commander.org/ticket/4219
See Also:	https://bugs.gentoo.org/show_bug.cgi?id=771096 https://bugs.astron.com/view.php?id=254
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	zip file with the issue Strace output

Description Anton Bolshakov 2021-03-18 00:28:11 UTC

Hi, I'm getting an error message when trying to "enter" into zip archive.
The error is the following:
file -L -z xxx.zip 
xxx.zip: Bad system call

The call is here:
https://github.com/MidnightCommander/mc/blob/master/src/filemanager/ext.c#L75
"file -z"

A quick workaround is to add "-S" option:

     -S, --no-sandbox
             On systems where libseccomp (https://github.com/seccomp/libseccomp) is available, the -S flag
             disables sandboxing which is enabled by default.  This option is needed for file to execute ex‐
             ternal decompressing programs, i.e. when the -z flag is specified and the built-in decompressors
             are not available.  On systems where sandboxing is not available, this option has no effect.


You might know a better solution

Upstream bug is here:
https://midnight-commander.org/ticket/4219

----------------
emerge --info
Portage 3.0.13 (python 3.9.2-final-0, default/linux/amd64/17.1/hardened, gcc-10.2.0, glibc-2.32-r7, 5.10.23-pentoo x86_64)
=================================================================
System uname: Linux-5.10.23-pentoo-x86_64-Intel-R-_Core-TM-_i7-10750H_CPU_@_2.60GHz-with-glibc2.32
KiB Mem:    16305120 total,   4332212 free
KiB Swap:    8388604 total,   8388604 free
Timestamp of repository gentoo: Wed, 17 Mar 2021 23:15:01 +0000
Head commit of repository gentoo: ba14151d1877254928dcfc804699e34090590f67
Timestamp of repository dotnet: Fri, 12 Mar 2021 12:05:49 +0000
Head commit of repository dotnet: b02a6125c2c415d20397c6d41df198f8f10f32d5

Head commit of repository pentoo: 77900c35f95bf44f11f966f263af39c012cf757d

Timestamp of repository steam-overlay: Thu, 11 Mar 2021 20:05:56 +0000
Head commit of repository steam-overlay: 694a071eb424fdfdfbbd2e43ecd334bb560f4356

sh bash 5.0_p18
ld GNU ld (Gentoo 2.35.1 p2) 2.35.1
app-shells/bash:          5.0_p18::gentoo
dev-java/java-config:     2.3.1::gentoo
dev-lang/perl:            5.30.3::gentoo
dev-lang/python:          3.8.8::gentoo, 3.9.2::gentoo
dev-util/cmake:           3.18.5::gentoo
sys-apps/baselayout:      2.7::gentoo
sys-apps/openrc:          0.42.1-r1::gentoo
sys-apps/sandbox:         2.20::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.69-r5::gentoo
sys-devel/automake:       1.13.4-r2::gentoo, 1.16.2-r1::gentoo
sys-devel/binutils:       2.35.1-r1::gentoo
sys-devel/gcc:            10.2.0-r5::gentoo
sys-devel/gcc-config:     2.3.3::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.3::gentoo
sys-kernel/linux-headers: 5.10::gentoo (virtual/os-headers)
sys-libs/glibc:           2.32-r7::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.asia.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-metamanifest: yes
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-jobs: 1
    sync-rsync-extra-opts: 

dotnet
    location: /var/db/repos/dotnet
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/dotnet.git
    masters: gentoo

localrepo
    location: /var/db/repos/localrepo
    masters: gentoo

pentoo
    location: /var/db/repos/pentoo-overlay
    sync-type: git
    sync-uri: https://github.com/pentoo/pentoo-overlay
    masters: gentoo

steam-overlay
    location: /var/db/repos/steam-overlay
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/steam-overlay.git
    masters: gentoo

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /etc/stunnel/stunnel.conf /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/var/cache/distfiles"
EMERGE_DEFAULT_OPTS="--quiet-build"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-march=native -O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -O2 -pipe"
GENTOO_MIRRORS="https://ftp.iij.ad.jp/pub/linux/gentoo/"
INSTALL_MASK="*.la"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--defsym=__gentoo_check_ldflags__=0"
LINGUAS="en ru"
MAKEOPTS="-j12"
PKGDIR="/var/cache/binpkgs"
PORTAGE_BINHOST="https://pentoo.emjay-embedded.co.uk/Packages/amd64_r1-hardened/"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="--omit-dir-times"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac acl acpi activities alsa amd64 branding bzip2 cairo cdda crypt cups dbus declarative dri dri3 dts dvdr elogind emboss encode exif ffmpeg flac gif gtk gui hackrf hardened iconv icu ipv6 jpeg kde kipi kwallet lcms libglvnd libnotify libtirpc mad minipentoo mng mp3 mp4 mpeg multilib ncurses networkmanager nls nptl ogg opengl openmp pam pango pcre pdf phonon pie plasma png policykit ppds qml qt5 readline samba sdl seccomp semantic-desktop spell split-usr ssl ssp startup-notification svg tiff truetype udev udisks unicode upower usb vlc vorbis widgets wxwidgets x264 xattr xcb xinerama xml xtpax xv xvid zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput synaptics" KERNEL="linux" L10N="en ru" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LLVM_TARGETS="X86" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-3 php7-4" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_8" PYTHON_TARGETS="python3_8 python3_9" RUBY_TARGETS="ruby26" UNICORN_TARGETS="x86" USERLAND="GNU" VIDEO_CARDS="vesa intel i965 nvidia" XFCE_PLUGINS="brightness menu logout trash" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS

Comment 1 Sam James archtester

2021-03-18 00:47:08 UTC Comment hidden (obsolete)

Thanks for the report.

Let's start off with the easy bit and hope that it's that: what version of sys-apps/file? (please show emerge -pvO sys-apps/file and emerge --info).

We may get lucky and find that bug 771096 has already resolved your case.

If not, can you provide strace output (in addition to above information) like in that bug, of file failing on a zip file of yours?

We need to know exactly which syscall is being made.

Comment 2 Sam James archtester

2021-03-18 00:47:51 UTC

Thanks for the report.

Let's start off with the easy bit and hope that it's that: what version of sys-apps/file? (please show emerge -pvO sys-apps/file).

We may get lucky and find that bug 771096 has already resolved your case.

If not, can you provide strace output (in addition to above information) like in that bug, of file failing on a zip file of yours?

We need to know exactly which syscall is being made.

Comment 3 Anton Bolshakov 2021-03-18 02:13:16 UTC

[ebuild   R    ] sys-apps/file-5.39-r4::gentoo  USE="bzip2 seccomp zlib -lzma -python -static-libs" ABI_X86="(64) -32 (-x32)" PYTHON_TARGETS="python3_8 python3_9 -python3_7" 0 KiB

----------------------
strace file -L -z 0.zip 
execve("/usr/bin/file", ["file", "-L", "-z", "0.zip"], 0x7ffd7ad543d8 /* 73 vars */) = 0
brk(NULL)                               = 0x55f36e2b3000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=176645, ...}) = 0
mmap(NULL, 176645, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fa037ed8000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib64/libmagic.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0PG\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=174096, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa037ed6000
mmap(NULL, 177144, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa037eaa000
mmap(0x7fa037eae000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7fa037eae000
mmap(0x7fa037eca000, 36864, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20000) = 0x7fa037eca000
mmap(0x7fa037ed3000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7fa037ed3000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib64/libseccomp.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300Q\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=308984, ...}) = 0
mmap(NULL, 311344, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa037e5d000
mmap(0x7fa037e82000, 40960, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7fa037e82000
mmap(0x7fa037e8c000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2f000) = 0x7fa037e8c000
mmap(0x7fa037e90000, 106496, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x32000) = 0x7fa037e90000
close(3)                                = 0
openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p@\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1805928, ...}) = 0
mmap(NULL, 1819440, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa037ca0000
mmap(0x7fa037cc2000, 1335296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fa037cc2000
mmap(0x7fa037e08000, 307200, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x168000) = 0x7fa037e08000
mmap(0x7fa037e53000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b2000) = 0x7fa037e53000
mmap(0x7fa037e59000, 13104, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fa037e59000
close(3)                                = 0
openat(AT_FDCWD, "/lib64/libbz2.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=74480, ...}) = 0
mmap(NULL, 76840, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa037c8d000
mmap(0x7fa037c8f000, 53248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fa037c8f000
mmap(0x7fa037c9c000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fa037c9c000
mmap(0x7fa037c9e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7fa037c9e000
close(3)                                = 0
openat(AT_FDCWD, "/lib64/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0203\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=100128, ...}) = 0
mmap(NULL, 102416, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fa037c73000
mmap(0x7fa037c76000, 57344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fa037c76000
mmap(0x7fa037c84000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11000) = 0x7fa037c84000
mmap(0x7fa037c8b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7fa037c8b000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa037c71000
arch_prctl(ARCH_SET_FS, 0x7fa037c71e80) = 0
mprotect(0x7fa037e53000, 16384, PROT_READ) = 0
mprotect(0x7fa037c8b000, 4096, PROT_READ) = 0
mprotect(0x7fa037c9e000, 4096, PROT_READ) = 0
mprotect(0x7fa037e90000, 102400, PROT_READ) = 0
mprotect(0x7fa037ed3000, 8192, PROT_READ) = 0
mprotect(0x55f36dd4d000, 4096, PROT_READ) = 0
mprotect(0x7fa037f2e000, 4096, PROT_READ) = 0
munmap(0x7fa037ed8000, 176645)          = 0
brk(NULL)                               = 0x55f36e2b3000
brk(0x55f36e2d4000)                     = 0x55f36e2d4000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=5543984, ...}) = 0
mmap(NULL, 5543984, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fa037727000
close(3)                                = 0
prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
prctl(PR_SET_DUMPABLE, SUID_DUMP_DISABLE) = 0
prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL) = -1 EINVAL (Invalid argument)
seccomp(SECCOMP_SET_MODE_FILTER, 0, 0x55f36e2b4b60) = 0
stat(0x55f36e2b4f30, 0x7fff2b3efaf0)    = -1 ENOENT (No such file or directory)
stat(0x55f36e2b4f30, 0x7fff2b3efaf0)    = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, 0x55f36e2b8910, O_RDONLY) = 3
fstat(3, 0x7fff2b3efbe0)                = 0
mmap(NULL, 6652192, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0) = 0x7fa0370ce000
close(3)                                = 0
mprotect(0x7fa0370ce000, 6652192, PROT_READ) = 0
openat(AT_FDCWD, 0x7fa037e264d0, O_RDONLY) = 3
fstat(3, 0x7fff2b3ef960)                = 0
mmap(NULL, 26988, PROT_READ, MAP_SHARED, 3, 0) = 0x7fa037efd000
close(3)                                = 0
fstat(1, 0x7fff2b3ef520)                = 0
mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa036fcd000
stat(0x7fff2b3f0ea2, 0x7fff2b3efbc0)    = 0
openat(AT_FDCWD, 0x7fff2b3f0ea2, O_RDONLY|O_NONBLOCK) = 3
fstat(3, 0x7fff2b3efbc0)                = 0
read(3, 0x7fa036fcd010, 1048576)        = 246102
mmap(NULL, 1970176, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa036dec000
mmap(NULL, 249856, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa036daf000
munmap(0x7fa036daf000, 249856)          = 0
munmap(0x7fa036dec000, 1970176)         = 0
rt_sigaction(SIGPIPE, 0x7fff2b3ef710, 0x7fff2b3ef7b0, 8) = 0
write(1, 0x55f36e2b9520, 70.zip: )             = 7
pipe( <unfinished ...>)                 = ?
+++ killed by SIGSYS +++
Bad system call

--------------
zipinfo -v 0.zip 
Archive:  0.zip
There is no zipfile comment.

End-of-central-directory record:
-------------------------------

  Zip archive file size:                    246102 (000000000003C156h)
  Actual end-cent-dir record offset:        246080 (000000000003C140h)
  Expected end-cent-dir record offset:      246080 (000000000003C140h)
  (based on the length of the central directory and its expected offset)

  This zipfile constitutes the sole disk of a single-part archive; its
  central directory contains 1 entry.
  The central directory is 159 (000000000000009Fh) bytes long,
  and its (expected) offset in bytes from the beginning of the zipfile
  is 245921 (000000000003C0A1h).


Central directory entry #1:
---------------------------

  0.pdf

  offset of local header from start of archive:   0
                                                  (0000000000000000h) bytes
  file system or operating system of origin:      MS-DOS, OS/2 or NT FAT
  version of encoding software:                   6.3
  minimum file system compatibility required:     MS-DOS, OS/2 or NT FAT
  minimum software version required to extract:   2.0
  compression method:                             deflated
  compression sub-type (deflation):               normal
  file security status:                           encrypted
  extended local header:                          no
  file last modified on (DOS date/time):          2021 Feb 19 18:26:46
  32-bit CRC value (hex):                         30905a86
  compressed size:                                245814 bytes
  uncompressed size:                              303165 bytes
  length of filename:                             77 characters
  length of extra field:                          36 bytes
  length of file comment:                         0 characters
  disk number on which file begins:               disk 1
  apparent file type:                             binary
  non-MSDOS external file attributes:             000000 hex
  MS-DOS file attributes (20 hex):                arc 

  The central-directory extra field contains:
  - A subfield with ID 0x000a (PKWARE Win32) and 32 data bytes.  The first
    20 are:   00 00 00 00 01 00 18 00 15 02 34 b9 a9 06 d7 01 15 02 34 b9.

Comment 4 Anton Bolshakov 2021-03-18 03:21:24 UTC

Created attachment 692205 [details]
zip file with the issue

I tried few zip files and facing this problem with all of them.
So here is the smallest I found

Comment 5 Ivo Šmerek 2021-03-18 10:48:46 UTC

I can reproduce and confirm this. The --uncompress option with .zip files causes an invalid system call for me as well.

Comment 6 Ivo Šmerek 2021-03-18 10:49:12 UTC

Created attachment 692229 [details]
Strace output

Comment 7 Opportunist 2021-03-25 06:24:59 UTC

same here

Comment 8 aporilel 2021-03-31 18:22:08 UTC

I can confirm, and not only zip archives are affected, but also at least: lzma, xz, zstd

Comment 9 Sam James archtester

2021-03-31 18:46:07 UTC

(In reply to Anton Bolshakov from comment #0)
> 
> Upstream bug is here:
> https://midnight-commander.org/ticket/4219
> 

Upstream are waiting for a reply from you, I think.

(In reply to aporilel from comment #8)
> I can confirm, and not only zip archives are affected, but also at least:
> lzma, xz, zstd

Thanks. I haven't had a chance to test this yet.

Comment 10 Sam James archtester

2021-03-31 18:47:52 UTC

Something which would help a bit, is if anybody could fire up gdb on file with debugging symbols and show us a backtrace of when this happens.

Comment 11 Mike Gilbert gentoo-dev

2021-03-31 19:12:40 UTC

I suspect the file command is working as designed. The seccomp policy installed by file prohibits execution of external commands, but it needs to call unzip to look "inside" a zip file.

This is even mentioned in the manpage that was quoted in comment 0.

I think app-misc/mc would need to be updated to stop passing "-z" to file, or to add the "-S" option.

Comment 12 Sam James archtester

2021-03-31 19:50:07 UTC

(In reply to Mike Gilbert from comment #11)
> I suspect the file command is working as designed. The seccomp policy
> installed by file prohibits execution of external commands, but it needs to
> call unzip to look "inside" a zip file.
> 
> This is even mentioned in the manpage that was quoted in comment 0.
> 
> I think app-misc/mc would need to be updated to stop passing "-z" to file,
> or to add the "-S" option.

I'd argue an error should be thrown rather than letting the filter kill it, but yes.

Comment 13 Mike Gilbert gentoo-dev

2021-03-31 20:15:27 UTC

> I'd argue an error should be thrown rather than letting the filter kill it

The end result would be the same, but I suppose the error message could be improved.

It might make sense to request that as an enhancement upstream.

Comment 14 Mike Gilbert gentoo-dev

2021-03-31 20:54:25 UTC

This was fixed in mc upstream last month. Probably just needs a release or a backport.

https://github.com/MidnightCommander/mc/commit/1ed638d66cf803f69ac12ee80a72d217f2146e43

Comment 15 Sergei Trofimovich (RETIRED) gentoo-dev

2021-03-31 21:30:04 UTC

1. Does mc-9999 work for you?
2. Upstream asks follow-up questions at https://midnight-commander.org/ticket/4219. Can you provide answers?

Comment 16 Sam James archtester

2021-03-31 21:35:47 UTC

(In reply to Mike Gilbert from comment #13)
> > I'd argue an error should be thrown rather than letting the filter kill it
> 
> The end result would be the same, but I suppose the error message could be
> improved.
> 
> It might make sense to request that as an enhancement upstream.

This is just input validation, so yes of course it would be? Anyway, yeah, I will. I'll link it here.

Comment 17 Larry the Git Cow gentoo-dev

2021-03-31 22:17:44 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10a9d09e7c28f9a838a2bf4ad27a6e657aee7e86

commit 10a9d09e7c28f9a838a2bf4ad27a6e657aee7e86
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2021-03-31 21:24:54 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2021-03-31 22:17:40 +0000

    app-misc/mc: backport file seccomp failure
    
    Reported-by: Anton Bolshakov
    Closes: https://bugs.gentoo.org/776988
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 app-misc/mc/files/mc-4.8.26-file-seccomp.patch | 142 +++++++++++++++++++++++++
 app-misc/mc/mc-4.8.26-r2.ebuild                | 118 ++++++++++++++++++++
 2 files changed, 260 insertions(+)

Comment 18 Roman 'gryf' Dobosz 2021-04-01 10:56:59 UTC

*** Bug 779679 has been marked as a duplicate of this bug. ***

Comment 19 Sam James archtester

2021-04-04 05:56:17 UTC

*** Bug 779940 has been marked as a duplicate of this bug. ***