diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-22 14:56:01 -0300 |
|---|---|---|
| committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-22 15:53:34 -0300 |
| commit | 25f7c7e0b7119dfd396077685695b646d02b1f9e (patch) | |
| tree | 905321894587345a2968c06fee79d4033871ed48 /src | |
| parent | main.c: [ref] fix indentation and whitespace around group handling (diff) | |
| download | firejail-25f7c7e0b7119dfd396077685695b646d02b1f9e.tar.gz firejail-25f7c7e0b7119dfd396077685695b646d02b1f9e.tar.zst firejail-25f7c7e0b7119dfd396077685695b646d02b1f9e.zip | |
util.c: [ref] move group find/copy into new functions
Move the logic from clean_supplementary_groups into the following new
functions:
* find_group
* copy_group_ifcont
These will be reused later.
Misc: The latter function's signature is based on getgrouplist(2), which
is used on clean_supplementary_groups.
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/util.c | 37 |
1 files changed, 26 insertions, 11 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c index 55dcdc246..6fc8a663f 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
| @@ -103,6 +103,30 @@ void errLogExit(char* fmt, ...) { | |||
| 103 | exit(1); | 103 | exit(1); |
| 104 | } | 104 | } |
| 105 | 105 | ||
| 106 | static int find_group(gid_t group, const gid_t *groups, int ngroups) { | ||
| 107 | int i; | ||
| 108 | for (i = 0; i < ngroups; i++) { | ||
| 109 | if (group == groups[i]) | ||
| 110 | return i; | ||
| 111 | } | ||
| 112 | |||
| 113 | return -1; | ||
| 114 | } | ||
| 115 | |||
| 116 | // Gets group from "groupname" and adds it to "new_groups" if it exists on | ||
| 117 | // "groups". Always returns the current value of new_ngroups. | ||
| 118 | static int copy_group_ifcont(const char *groupname, | ||
| 119 | const gid_t *groups, int ngroups, | ||
| 120 | gid_t *new_groups, int *new_ngroups) { | ||
| 121 | gid_t g = get_group_id(groupname); | ||
| 122 | if (g && find_group(g, groups, ngroups) >= 0) { | ||
| 123 | new_groups[*new_ngroups] = g; | ||
| 124 | (*new_ngroups)++; | ||
| 125 | } | ||
| 126 | |||
| 127 | return *new_ngroups; | ||
| 128 | } | ||
| 129 | |||
| 106 | static void clean_supplementary_groups(gid_t gid) { | 130 | static void clean_supplementary_groups(gid_t gid) { |
| 107 | assert(cfg.username); | 131 | assert(cfg.username); |
| 108 | gid_t groups[MAX_GROUPS]; | 132 | gid_t groups[MAX_GROUPS]; |
| @@ -126,17 +150,8 @@ static void clean_supplementary_groups(gid_t gid) { | |||
| 126 | 150 | ||
| 127 | int i = 0; | 151 | int i = 0; |
| 128 | while (allowed[i]) { | 152 | while (allowed[i]) { |
| 129 | gid_t g = get_group_id(allowed[i]); | 153 | copy_group_ifcont(allowed[i], groups, ngroups, |
| 130 | if (g) { | 154 | new_groups, &new_ngroups); |
| 131 | int j; | ||
| 132 | for (j = 0; j < ngroups; j++) { | ||
| 133 | if (g == groups[j]) { | ||
| 134 | new_groups[new_ngroups] = g; | ||
| 135 | new_ngroups++; | ||
| 136 | break; | ||
| 137 | } | ||
| 138 | } | ||
| 139 | } | ||
| 140 | i++; | 155 | i++; |
| 141 | } | 156 | } |
| 142 | 157 | ||