File seccomp-fixes.patch of Package vsftpd

Index: vsftpd-3.0.4/seccompsandbox.c
===================================================================
--- vsftpd-3.0.4.orig/seccompsandbox.c	2021-06-15 08:06:29.165512830 +0000
+++ vsftpd-3.0.4/seccompsandbox.c	2021-06-15 08:06:42.778484808 +0000
@@ -18,6 +18,7 @@
 #include "utility.h"
 
 #include <errno.h>
+#include <stdio.h>
 
 #include <netinet/in.h>
 #include <netinet/tcp.h>
@@ -63,6 +64,7 @@
 
 #define kMaxSyscalls 100
 
+//#define DEBUG_SIGSYS
 #ifdef DEBUG_SIGSYS
 
 #include <signal.h>
@@ -71,7 +73,10 @@
 void
 handle_sigsys(int sig)
 {
-  (void) sig;
+  char str[21];
+  snprintf(str, 21, "Rejected syscall %d", sig);
+
+  die(str);
 }
 #endif
 
@@ -586,8 +591,8 @@ seccomp_sandbox_lockdown()
   p_filter->code = BPF_LD+BPF_W+BPF_ABS;
   p_filter->jt = 0;
   p_filter->jf = 0;
-  /* Offset 4 for syscall architecture. */
-  p_filter->k = 4;
+  /* Offset 5 for syscall architecture. */
+  p_filter->k = 5;
   p_filter++;
   p_filter->code = BPF_JMP+BPF_JEQ+BPF_K;
   p_filter->jt = 1;