author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-22 14:56:01 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-22 15:53:34 -0300 |
commit | 25f7c7e0b7119dfd396077685695b646d02b1f9e (patch) | |
tree | 905321894587345a2968c06fee79d4033871ed48 | |
parent | main.c: [ref] fix indentation and whitespace around group handling (diff) | |
util.c: [ref] move group find/copy into new functions
Move the logic from clean_supplementary_groups into the following new
functions:
* find_group
* copy_group_ifcont
These will be reused later.
Misc: The latter function's signature is based on getgrouplist(2), which
is used on clean_supplementary_groups.
-rw-r--r-- | src/firejail/util.c | 37 |
1 files changed, 26 insertions, 11 deletions
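--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -103,6 +103,30 @@ void errLogExit(char* fmt, ...) {
 exit(1);
 }
 
+static int find_group(gid_t group, const gid_t *groups, int ngroups) {
+int i;
+for (i = 0; i < ngroups; i++) {
+if (group == groups[i])
+return i;
+}
+
+return -1;
+}
+
+// Gets group from "groupname" and adds it to "new_groups" if it exists on
+// "groups". Always returns the current value of new_ngroups.
+static int copy_group_ifcont(const char *groupname,
+const gid_t *groups, int ngroups,
+gid_t *new_groups, int *new_ngroups) {
+gid_t g = get_group_id(groupname);
+if (g && find_group(g, groups, ngroups) >= 0) {
+new_groups[*new_ngroups] = g;
+(*new_ngroups)++;
+}
+
+return *new_ngroups;
+}
+
 static void clean_supplementary_groups(gid_t gid) {
 assert(cfg.username);
 gid_t groups[MAX_GROUPS];
@@ -126,17 +150,8 @@ static void clean_supplementary_groups(gid_t gid) {
 
 int i = 0;
 while (allowed[i]) {
-gid_t g = get_group_id(allowed[i]);
-if (g) {
-int j;
-for (j = 0; j < ngroups; j++) {
-if (g == groups[j]) {
-new_groups[new_ngroups] = g;
-new_ngroups++;
-break;
-}
-}
-}
+copy_group_ifcont(allowed[i], groups, ngroups,
+new_groups, &new_ngroups);
 i++;
 }
 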
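Review bot: copy_group_ifcont writes through `new_groups[*new_ngroups]` (new lines 123-124) with no knowledge of the destination's capacity, even though its signature is modelled on getgrouplist, where the count argument also carries the buffer size. The one caller shown appears bounded by the `allowed` list, but the description says the helper will be reused, so the guard belongs in the helper itself, e.g. `if (g && *new_ngroups < MAX_GROUPS && find_group(g, groups, ngroups) >= 0) {`, assuming callers size `new_groups` as MAX_GROUPS like `groups[]` (the declaration of `new_groups` is outside the hunk). The header comment should also say that a zero return from get_group_id is treated as "no such group", so GID 0 is never copied, and that passing the same name twice appends the GID twice.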