diff options
author | smitsohu <smitsohu@gmail.com> | 2021-02-12 18:54:10 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-02-12 18:55:32 +0100 |
commit | f25b12cf483c4e531d4160aba44505ec056f152b (patch) | |
tree | a089c906989b5bfbee945a99253528a1d881c85c | |
parent | remount hardening (diff) | |
download | firejail-f25b12cf483c4e531d4160aba44505ec056f152b.tar.gz firejail-f25b12cf483c4e531d4160aba44505ec056f152b.tar.zst firejail-f25b12cf483c4e531d4160aba44505ec056f152b.zip |
tweak
readability/making it more obvious buffers
are properly initialized
-rw-r--r-- | src/firejail/fs.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 972ee8def..ef1f87f0c 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -489,13 +489,13 @@ void fs_tmpfs(const char *dir, unsigned check_owner) { | |||
489 | 489 | ||
490 | // remount path, preserving other mount flags; requires a resolved path | 490 | // remount path, preserving other mount flags; requires a resolved path |
491 | static void fs_remount_simple(const char *path, OPERATION op) { | 491 | static void fs_remount_simple(const char *path, OPERATION op) { |
492 | struct stat s1, s2; | ||
493 | assert(path); | 492 | assert(path); |
494 | 493 | ||
495 | // open path without following symbolic links | 494 | // open path without following symbolic links |
496 | int fd1 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); | 495 | int fd1 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); |
497 | if (fd1 == -1) | 496 | if (fd1 == -1) |
498 | goto out; | 497 | goto out; |
498 | struct stat s1; | ||
499 | if (fstat(fd1, &s1) == -1) { | 499 | if (fstat(fd1, &s1) == -1) { |
500 | // fstat can fail with EACCES if path is a FUSE mount, | 500 | // fstat can fail with EACCES if path is a FUSE mount, |
501 | // mounted without 'allow_root' or 'allow_other' | 501 | // mounted without 'allow_root' or 'allow_other' |
@@ -561,6 +561,7 @@ static void fs_remount_simple(const char *path, OPERATION op) { | |||
561 | int fd2 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); | 561 | int fd2 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); |
562 | if (fd2 == -1) | 562 | if (fd2 == -1) |
563 | errExit("open"); | 563 | errExit("open"); |
564 | struct stat s2; | ||
564 | if (fstat(fd2, &s2) == -1) | 565 | if (fstat(fd2, &s2) == -1) |
565 | errExit("fstat"); | 566 | errExit("fstat"); |
566 | // device and inode number should be the same | 567 | // device and inode number should be the same |