Print error message on empty BPF

This is useful when we're not sure if a filter is installed or not
david942j · Jun 28, 2022 · e0ab359 · e0ab359
1 parent 808358b
commit e0ab359
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 2 deletions.
diff --git a/lib/seccomp-tools/dumper.rb b/lib/seccomp-tools/dumper.rb
@@ -181,7 +181,11 @@ def dump_by_pid(pid, limit, &block)
         while limit.negative? || i < limit
           begin
             bpf = Ptrace.seccomp_get_filter(pid, i)
-          rescue Errno::ENOENT, Errno::EINVAL
+          rescue Errno::EINVAL
+            Logger.error('No seccomp filters installed')
+            break
+          rescue Errno::ENOENT
+            Logger.error('No filter exists at this index')
             break
           end
           collect << (block.nil? ? bpf : yield(bpf, nil))

diff --git a/spec/cli/dump_spec.rb b/spec/cli/dump_spec.rb
@@ -34,11 +34,22 @@
         break if line.start_with?('Welcome')
       end
       expect { described_class.new(['-f', 'inspect', '-p', pid.to_s]).handle }.to output(@bpf_inspect).to_stdout
-      expect { described_class.new(['-l', '2', '-p', pid.to_s]).handle }.to output(@bpf_disasm).to_stdout
+      expect { described_class.new(['-l', '2', '-p', pid.to_s]).handle }.to output(@bpf_disasm+"[ERROR] No filter exists at this index\n").to_stdout
       i.write("0\n")
     end
   end
 
+  it 'by pid without filter' do
+    pid = Process.spawn('sleep 60')
+    begin
+      error = /No seccomp filters installed/
+      expect { described_class.new(['-p', pid.to_s]).handle }.to output(error).to_stdout
+    ensure
+      Process.kill('TERM', pid)
+      Process.wait(pid)
+    end
+  end
+
   it 'by pid without root' do
     pid = Process.spawn('sleep 60')
     begin