authorLibravatar ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com>2018-08-16 09:42:58 -0400
committerLibravatar ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com>2018-08-16 09:42:58 -0400
commitb0f49116fb026fe08fc30c495c637c42ed3195ad (patch)
tree0656986b7e39f857f48c576f7671a29001a56ace /src/fbuilder/build_seccomp.c
parentharden private-home mounting, small improvements (diff)
Generate temporary filenames instead of using a fixed one (fixes #2083)
Diffstat (limited to 'src/fbuilder/build_seccomp.c')
-rw-r--r--src/fbuilder/build_seccomp.c22
1 files changed, 14 insertions, 8 deletions
diff --git a/src/fbuilder/build_seccomp.c b/src/fbuilder/build_seccomp.c
index fbc0e06f4..f275caf80 100644
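--- a/src/fbuilder/build_seccomp.c
+++ b/src/fbuilder/build_seccomp.c
@@ -20,11 +20,12 @@
 
 #include "fbuilder.h"
 
-void build_seccomp(const char *fname, FILE *fp) {
+void build_seccomp(char *fname, int fd, FILE *fp) {
  assert(fname);
+ assert(fd);
  assert(fp);
 
- FILE *fp2 = fopen(fname, "r");
+ FILE *fp2 = fdopen(fd, "r");
  if (!fp2) {
  fprintf(stderr, "Error: cannot open %s\n", fname);
  exit(1);
@@ -87,11 +88,12 @@ int inet = 0;
 int inet6 = 0;
 int netlink = 0;
 int packet = 0;
-static void process_protocol(const char *fname) {
+static void process_protocol(char *fname, int fd) {
  assert(fname);
+ assert(fd);
 
  // process trace file
- FILE *fp = fopen(fname, "r");
+ FILE *fp = fdopen(fd, "r");
  if (!fp) {
  fprintf(stderr, "Error: cannot open %s\n", fname);
  exit(1);
@@ -142,11 +144,13 @@ static void process_protocol(const char *fname) {
 
 
 // process fname, fname.1, fname.2, fname.3, fname.4, fname.5
-void build_protocol(const char *fname, FILE *fp) {
+void build_protocol(char *fname, int fd, FILE *fp) {
  assert(fname);
+ assert(fd);
+ assert(fp);
 
  // run fname
- process_protocol(fname);
+ process_protocol(fname, fd);
 
  // run all the rest
  struct stat s;
@@ -155,8 +159,10 @@ void build_protocol(const char *fname, FILE *fp) {
  char *newname;
  if (asprintf(&newname, "%s.%d", fname, i) == -1)
  errExit("asprintf");
- if (stat(newname, &s) == 0)
- process_protocol(newname);
+ if (stat(newname, &s) == 0) {
+ int nfd = open(newname, O_RDONLY);
+ process_protocol(newname, nfd);
+ }
  free(newname);
  }
 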
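Review bot: In the last hunk of build_protocol the sibling files are still opened by name after a separate `stat()`, so the `fname.1` … `fname.5` paths keep the check-then-open window and the symlink-following open that the switch to a descriptor removes for `fname` itself. Opening directly and testing the result closes that gap: `int nfd = open(newname, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);` followed by `if (nfd >= 0) process_protocol(newname, nfd);`, with the `stat()` call dropped. The three new `assert(fd);` lines (build_seccomp, process_protocol, build_protocol) reject descriptor 0, which is valid, and accept -1 from a failed open; `assert(fd >= 0);` expresses the intended check. Whether each `FILE *` returned by `fdopen()` is closed lies outside the visible hunks.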