socsvn commit: r257185 - soc2013/dpl/head/contrib/xz/src/xz

dpl at FreeBSD.org dpl at FreeBSD.org
Tue Sep 10 09:38:02 UTC 2013 

Author: dpl
Date: Tue Sep 10 09:38:02 2013
New Revision: 257185
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257185

Log:
  Something's wrong here
  

Modified:
  soc2013/dpl/head/contrib/xz/src/xz/file_io.c

Modified: soc2013/dpl/head/contrib/xz/src/xz/file_io.c
==============================================================================
--- soc2013/dpl/head/contrib/xz/src/xz/file_io.c	Tue Sep 10 09:14:38 2013	(r257184)
+++ soc2013/dpl/head/contrib/xz/src/xz/file_io.c	Tue Sep 10 09:38:02 2013	(r257185)
@@ -1020,19 +1020,27 @@
 }
 
 #if defined(CAPSICUM)
-void limitfd(int, unsigned long long);
+void limitfd(int, cap_rights_t *rights);
 
 extern void
 limitpair(file_pair *pair)
 {
+	cap_rights_t dir_cap;
+	cap_rights_t src_cap;
+	cap_rights_t dest_cap;
+
+	cap_rights_init(&dir_cap, CAP_FSTATAT, CAP_UNLINKAT, CAP_LOOKUP);
+	cap_rights_init(&src_cap, CAP_READ, CAP_SEEK);
+	cap_rights_init(&dest_cap, CAP_WRITE, CAP_FSTAT, CAP_FCHOWN, CAP_FCHMOD, CAP_FUTIMES);
+
 	if(pair->dir_fd != -1 )
-		limitfd(pair->dir_fd, CAP_FSTATAT|CAP_UNLINKAT|CAP_LOOKUP);
+		limitfd(pair->dir_fd, &dir_cap);
 
 	if(pair->src_fd != -1 )
-		limitfd(pair->src_fd, CAP_READ|CAP_SEEK);
+		limitfd(pair->src_fd, &src_cap);
 
 	if(pair->dest_fd != -1 )
-		limitfd(pair->dest_fd, CAP_WRITE|CAP_FSTAT|CAP_FCHOWN|CAP_FCHMOD|CAP_FUTIMES);
+		limitfd(pair->dest_fd, &dest_cap);
 
 	return;
 }
@@ -1040,12 +1048,17 @@
 extern void
 capsicum_enter(void)
 {
-	cap_rights_t rights;
-
-	cap_rights_init(&rights);
-	limitfd( STDIN_FILENO, CAP_READ);
-	limitfd( STDOUT_FILENO, CAP_WRITE);
-	limitfd( STDERR_FILENO, CAP_WRITE);
+	cap_rights_t stdin_cap;
+	cap_rights_t stdout_cap;
+	cap_rights_t stderr_cap;
+
+	cap_rights_init(&stdin_cap, CAP_READ);
+	cap_rights_init(&stdout_cap, CAP_WRITE);
+	cap_rights_init(&stderr_cap, CAP_WRITE);
+
+	limitfd(&stdin_cap, CAP_READ);
+	limitfd(&stdout_cap, CAP_WRITE);
+	limitfd(&stderr_cap, CAP_WRITE);
 
 	if (cap_enter() < 0 && errno != ENOSYS) {
 		message_error("cap_enter: %s", strerror(errno));
@@ -1056,21 +1069,19 @@
 }
 
 void
-limitfd(int fd, unsigned long long cap)
+limitfd(int fd, cap_rights_t *rights)
 {
-	cap_rights_t rights;
-
-	cap_rights_init(&rights);
-	cap_rights_set(&rights, cap);
+	int rightsget;
 
-	if( cap_rights_get(fd, &rights) < 0 && errno != ENOSYS) {
+	rightsget = cap_rights_get(fd, rights);
+	if( rightsget < 0 && errno != ENOSYS) {
 		message_error("%d: %s", fd, strerror(errno));
 		exit(E_ERROR);
-	} else {
-		if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS){
-			message_error("%d: %s", STDIN_FILENO, strerror(errno));
-			exit(E_ERROR);
-		}
+	}
+
+	if (cap_rights_limit(fd, rights) < 0 && errno != ENOSYS) {
+		message_error("%d: %s", STDIN_FILENO, strerror(errno));
+		exit(E_ERROR);
 	}
 }
 #endif  /* CAPSICUM */

More information about the svn-soc-all mailing list