diff options
| -rw-r--r-- | src/firejail/sandbox.c | 2 | ||||
| -rw-r--r-- | src/fnet/interface.c | 14 |
2 files changed, 11 insertions, 5 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index a14cf5a81..96ad30bed 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
| @@ -337,7 +337,7 @@ static int monitor_application(pid_t app_pid) { | |||
| 337 | continue; | 337 | continue; |
| 338 | if (pid == 1) | 338 | if (pid == 1) |
| 339 | continue; | 339 | continue; |
| 340 | if (pid == dhclient4_pid || pid == dhclient6_pid) | 340 | if ((pid_t) pid == dhclient4_pid || (pid_t) pid == dhclient6_pid) |
| 341 | continue; | 341 | continue; |
| 342 | 342 | ||
| 343 | // todo: make this generic | 343 | // todo: make this generic |
diff --git a/src/fnet/interface.c b/src/fnet/interface.c index 6a9208898..62df0930e 100644 --- a/src/fnet/interface.c +++ b/src/fnet/interface.c | |||
| @@ -375,9 +375,10 @@ void net_if_ip6(const char *ifname, const char *addr6) { | |||
| 375 | 375 | ||
| 376 | static int net_netlink_address_tentative(struct nlmsghdr *current_header) { | 376 | static int net_netlink_address_tentative(struct nlmsghdr *current_header) { |
| 377 | struct ifaddrmsg *msg = NLMSG_DATA(current_header); | 377 | struct ifaddrmsg *msg = NLMSG_DATA(current_header); |
| 378 | int has_flags = 0; | ||
| 379 | #ifdef IFA_FLAGS | ||
| 378 | struct rtattr *rta = IFA_RTA(msg); | 380 | struct rtattr *rta = IFA_RTA(msg); |
| 379 | size_t msg_len = IFA_PAYLOAD(current_header); | 381 | size_t msg_len = IFA_PAYLOAD(current_header); |
| 380 | int has_flags = 0; | ||
| 381 | while (RTA_OK(rta, msg_len)) { | 382 | while (RTA_OK(rta, msg_len)) { |
| 382 | if (rta->rta_type == IFA_FLAGS) { | 383 | if (rta->rta_type == IFA_FLAGS) { |
| 383 | has_flags = 1; | 384 | has_flags = 1; |
| @@ -387,12 +388,13 @@ static int net_netlink_address_tentative(struct nlmsghdr *current_header) { | |||
| 387 | } | 388 | } |
| 388 | rta = RTA_NEXT(rta, msg_len); | 389 | rta = RTA_NEXT(rta, msg_len); |
| 389 | } | 390 | } |
| 391 | #endif | ||
| 390 | // According to <linux/if_addr.h>, if an IFA_FLAGS attribute is present, | 392 | // According to <linux/if_addr.h>, if an IFA_FLAGS attribute is present, |
| 391 | // the field ifa_flags should be ignored. | 393 | // the field ifa_flags should be ignored. |
| 392 | return !has_flags && (msg->ifa_flags & IFA_F_TENTATIVE); | 394 | return !has_flags && (msg->ifa_flags & IFA_F_TENTATIVE); |
| 393 | } | 395 | } |
| 394 | 396 | ||
| 395 | static int net_netlink_if_has_ll(int sock, int index) { | 397 | static int net_netlink_if_has_ll(int sock, uint32_t index) { |
| 396 | struct { | 398 | struct { |
| 397 | struct nlmsghdr header; | 399 | struct nlmsghdr header; |
| 398 | struct ifaddrmsg message; | 400 | struct ifaddrmsg message; |
| @@ -412,7 +414,7 @@ static int net_netlink_if_has_ll(int sock, int index) { | |||
| 412 | ssize_t len = recv(sock, buf, sizeof(buf), 0); | 414 | ssize_t len = recv(sock, buf, sizeof(buf), 0); |
| 413 | if (len < 0) | 415 | if (len < 0) |
| 414 | errExit("recv"); | 416 | errExit("recv"); |
| 415 | if (len < sizeof(struct nlmsghdr)) { | 417 | if (len < (ssize_t) sizeof(struct nlmsghdr)) { |
| 416 | fprintf(stderr, "Received incomplete netlink message\n"); | 418 | fprintf(stderr, "Received incomplete netlink message\n"); |
| 417 | exit(1); | 419 | exit(1); |
| 418 | } | 420 | } |
| @@ -469,7 +471,11 @@ void net_if_waitll(const char *ifname) { | |||
| 469 | exit(1); | 471 | exit(1); |
| 470 | } | 472 | } |
| 471 | close(inet6_sock); | 473 | close(inet6_sock); |
| 472 | int index = ifr.ifr_ifindex; | 474 | if (ifr.ifr_ifindex < 0) { |
| 475 | fprintf(stderr, "Error fnet: interface index is negative\n"); | ||
| 476 | exit(1); | ||
| 477 | } | ||
| 478 | uint32_t index = (uint32_t) ifr.ifr_ifindex; | ||
| 473 | 479 | ||
| 474 | // poll for link-local address | 480 | // poll for link-local address |
| 475 | int netlink_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); | 481 | int netlink_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); |