Monday, June 21, 2021

Re: EACCES of UDP packet

Thanks a lot for the hint. Unfortunately I'm still not able to see why sendto failed with 13 Permission denied. The AF_INET address masked is the correct one of my server, not a broadcast address. A sendto before this one to the same address just worked.

3058 myapp CALL sendto(5,0x1689f5f6500,0x5d,0x400<MSG_NOSIGNAL>,0x7f7fffff1144,0x10)
3058 myapp STRU struct sockaddr { AF_INET, xxx.xxx.xxx.xxx:yyyy }
3058 myapp RET sendto -1 errno 13 Permission denied
3058 myapp CALL close(5)
3058 myapp RET close 0

The dump file is like 600MB. I can provide more trace log if it is necessary for locating the root cause.


Siegfried
siegfried.levin@gmail.com




> On Jun 15, 2021, at 8:50 PM, Theo de Raadt <deraadt@openbsd.org> wrote:
>
> use ktrace
>
> Siegfried Levin <siegfried.levin@gmail.com> wrote:
>
>> Hi,
>>
>> I have a application run by a normal user communicating with the server with UDP. It crashes very occasionally, like once per week, due to EACCES when sending a UDP packet. According to the manpage (https://man.openbsd.org/OpenBSD-6.9/sendmsg.2#EACCES), the reason might be either being blocked by PF or sending to a broadcast address. I can confirm the packet was not sent to a broadcast address. However, I cannot figure out what rule could block the connection occasionally either. The application can be brought back online without changing any configuration. Does anyone know what might fix this? I can also rewrite the code to make it ignore the error and keep trying but that might not be a proper solution. Running it as root might not be a good idea, too.
>>
>> It happens since OpenBSD 6.8. Now I'm running it on 6.9. The application is written in Rust.
>>
>> Siegfried
>> siegfried.levin@gmail.com
>>
>>
>>
>>

No comments:

Post a Comment