Diffstat (limited to 'src/fbuilder/build_profile.c')
-rw-r--r--src/fbuilder/build_profile.c48
1 files changed, 22 insertions, 26 deletions
diff --git a/src/fbuilder/build_profile.c b/src/fbuilder/build_profile.c
index 2e6b46e77..3a7a12fb3 100644
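--- a/src/fbuilder/build_profile.c
+++ b/src/fbuilder/build_profile.c
@@ -22,7 +22,6 @@
 #include <sys/wait.h>
 
 #define TRACE_OUTPUT "/tmp/firejail-trace.XXXXXX"
-#define STRACE_OUTPUT "/tmp/firejail-strace.XXXXXX"
 
 void build_profile(int argc, char **argv, int index, FILE *fp) {
  // next index is the application name
@@ -41,36 +40,33 @@ void build_profile(int argc, char **argv, int index, FILE *fp) {
  if(asprintf(&output,"--trace=%s",trace_output) == -1)
  errExit("asprintf");
 
- char *cmdlist[] = {
- BINDIR "/firejail",
- "--quiet",
- "--noprofile",
- "--caps.drop=all",
- "--seccomp",
- output,
- "--shell=none",
- };
-
  // calculate command length
- unsigned len = (int) sizeof(cmdlist) / sizeof(char*) + argc - index + 1;
- if (arg_debug)
- printf("command len %d + %d + 1\n", (int) (sizeof(cmdlist) / sizeof(char*)), argc - index);
- char *cmd[len];
- cmd[0] = cmdlist[0]; // explicit assignment to clean scan-build error
+ unsigned len = 64; // plenty of space for firejail command line
+ len += argc - index; // program command line
+ len += 1; // NULL
 
  // build command
- unsigned i = 0;
- for (i = 0; i < (int) sizeof(cmdlist) / sizeof(char*); i++)
- cmd[i] = cmdlist[i];
-
- int i2 = index;
- for (; i < (len - 1); i++, i2++)
- cmd[i] = argv[i2];
- assert(i < len);
- cmd[i] = NULL;
+ char *cmd[len];
+ unsigned curr_len = 0;
+ cmd[curr_len++] = BINDIR "/firejail";
+ cmd[curr_len++] = "--quiet";
+ cmd[curr_len++] = "--noprofile";
+ cmd[curr_len++] = "--caps.drop=all";
+ cmd[curr_len++] = "--seccomp";
+ cmd[curr_len++] = "--shell=none";
+ cmd[curr_len++] = output;
+ if (arg_appimage)
+ cmd[curr_len++] = "--appimage";
+
+ int i;
+ for (i = index; i < argc; i++)
+ cmd[curr_len++] = argv[i];
+
+ assert(curr_len < len);
+ cmd[curr_len] = NULL;
 
  if (arg_debug) {
- for (i = 0; i < len; i++)
+ for (i = 0; cmd[i]; i++)
  printf("%s%s\n", (i)?"\t":"", cmd[i]);
  }
 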
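Review bot: The `assert(curr_len < len)` in the second hunk runs only after every store into `cmd`, so an overrun of the variable-length array would be reported after the out-of-bounds writes had already happened, and the check disappears entirely if the build defines NDEBUG. With at most eight fixed arguments visible here the 64-slot reserve is not exhausted, but the bound is a bare magic number that nothing ties to the list of fixed options, so a later addition to that list is not guarded before it writes. I would check before the argv copy loop, e.g. `assert(curr_len + (unsigned)(argc - index) < len);`, and give the 64 a named constant with a comment saying it must exceed the number of fixed firejail options. build_profile continues past the end of this hunk, so how `index` is validated against `argc` is not visible here.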