socsvn commit: r257249 - soc2013/dpl/head/lib/libzcap

[dpl at FreeBSD.org]

Author: dpl
Date: Thu Sep 12 21:28:09 2013
New Revision: 257249
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257249

Log:
  Limited fd of gzopen() depending on the mode.
  

Modified:
  soc2013/dpl/head/lib/libzcap/gzlib.c

Modified: soc2013/dpl/head/lib/libzcap/gzlib.c
==============================================================================
--- soc2013/dpl/head/lib/libzcap/gzlib.c	Thu Sep 12 20:51:48 2013	(r257248)
+++ soc2013/dpl/head/lib/libzcap/gzlib.c	Thu Sep 12 21:28:09 2013	(r257249)
@@ -15,6 +15,7 @@
 #include "commands.h"
 #include "zconf.h"
 
+static void limitgzip(int fd, const char *mode);
 /* -- see zlib.h -- */
 gzFile ZEXPORT gzopen(path, mode)
     const char *path;
@@ -23,7 +24,6 @@
 	int oflag = 0;
 	int fd;
 	const char *loopmode;
-	cap_rights_t rights;
 	mode_t mode2;
 
 	loopmode = mode;
@@ -64,15 +64,51 @@
 	if ((fd = open(path, oflag, mode2)) < 0)
 		err(1, "zcaplib: Couldn't create gzip file");
 
-	//limitgzip(fd, mode);
-	cap_rights_init(&rights, CAP_READ, CAP_SEEK, CAP_WRITE, CAP_FSTAT, CAP_FCNTL);
+	limitgzip(fd, mode);
+
+	return gzdopen(fd, mode);
+}
+
+static void limitgzip(fd, mode)
+	int fd;
+	const char *mode;
+{
+	cap_rights_t rights;
+	const char *loopmode;
+	int capread, capwrite;
+
+	capread = capwrite = 0;
+
+	loopmode = mode;
+	while(*loopmode) {
+		switch (*loopmode){
+#ifndef NO_GZCOMPRESS
+		case('w'):
+		case('a'):
+			capwrite = 1;
+			break;
+#endif
+		case('r'):
+			capread = 1;
+			break;
+		default:
+			;
+		}
+	++loopmode;
+	}
+
+	if (capread == 1)
+		cap_rights_init(&rights, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL);
+
+	if (capwrite == 1)
+		cap_rights_init(&rights, CAP_WRITE, CAP_SEEK, CAP_FSTAT, CAP_FCNTL);
+	
 	if (cap_rights_limit(fd, &rights) < 0)
 		err(1, "zcaplib: Couldn't limit fd: %d", fd);
 
 	if (cap_fcntls_limit(fd, CAP_FCNTL_GETFL) < 0)
 		err(1, "zcaplib: Couldn't limit fcntls of fd: %d", fd);
 
-	return gzdopen(fd, mode);
 }
 
 /* -- see zlib.h -- */