diff options
-rw-r--r-- | src/firejail/fs.c | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 1fc1c0942..5b8093885 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -152,27 +152,24 @@ static char *create_empty_file(void) { | |||
152 | return RO_FILE; | 152 | return RO_FILE; |
153 | } | 153 | } |
154 | 154 | ||
155 | static void disable_file(OPERATION op, const char *fname, const char *emptydir, const char *emptyfile) { | 155 | static void disable_file(OPERATION op, const char *filename, const char *emptydir, const char *emptyfile) { |
156 | assert(fname); | 156 | assert(filename); |
157 | assert(emptydir); | 157 | assert(emptydir); |
158 | assert(emptyfile); | 158 | assert(emptyfile); |
159 | assert(op <OPERATION_MAX); | 159 | assert(op <OPERATION_MAX); |
160 | 160 | ||
161 | // if the file is a link, follow the link | 161 | // Resolve all symlinks |
162 | char *lnk = NULL; | 162 | char* fname = realpath(filename, NULL); |
163 | if (is_link(fname)) { | 163 | if (fname == NULL) { |
164 | lnk = get_link(fname); | 164 | printf("Warning: %s is an invalid file, skipping...\n", filename); |
165 | if (lnk) | 165 | return; |
166 | fname = lnk; | ||
167 | else | ||
168 | fprintf(stderr, "Warning: cannot follow link %s, skipping...\n", fname); | ||
169 | } | 166 | } |
170 | 167 | ||
171 | // if the file is not present, do nothing | 168 | // if the file is not present, do nothing |
172 | struct stat s; | 169 | struct stat s; |
173 | if (stat(fname, &s) == -1) { | 170 | if (stat(fname, &s) == -1) { |
174 | if (lnk) | 171 | printf("Warning: %s does not exist, skipping...\n", fname); |
175 | free(lnk); | 172 | free(fname); |
176 | return; | 173 | return; |
177 | } | 174 | } |
178 | 175 | ||
@@ -211,8 +208,7 @@ static void disable_file(OPERATION op, const char *fname, const char *emptydir, | |||
211 | else | 208 | else |
212 | assert(0); | 209 | assert(0); |
213 | 210 | ||
214 | if (lnk) | 211 | free(fname); |
215 | free(lnk); | ||
216 | } | 212 | } |
217 | 213 | ||
218 | static void globbing(OPERATION op, const char *fname, const char *emptydir, const char *emptyfile) { | 214 | static void globbing(OPERATION op, const char *fname, const char *emptydir, const char *emptyfile) { |