diff options
Diffstat (limited to 'src/firejail/profile.c')
-rw-r--r-- | src/firejail/profile.c | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index f7d5e87e6..f3a7eb727 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -529,9 +529,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
529 | #ifdef HAVE_SECCOMP | 529 | #ifdef HAVE_SECCOMP |
530 | if (checkcfg(CFG_SECCOMP)) { | 530 | if (checkcfg(CFG_SECCOMP)) { |
531 | arg_seccomp = 1; | 531 | arg_seccomp = 1; |
532 | cfg.seccomp_list = strdup(ptr + 8); | 532 | cfg.seccomp_list = seccomp_check_list(ptr + 8); |
533 | if (!cfg.seccomp_list) | ||
534 | errExit("strdup"); | ||
535 | } | 533 | } |
536 | else | 534 | else |
537 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); | 535 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); |
@@ -545,9 +543,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
545 | #ifdef HAVE_SECCOMP | 543 | #ifdef HAVE_SECCOMP |
546 | if (checkcfg(CFG_SECCOMP)) { | 544 | if (checkcfg(CFG_SECCOMP)) { |
547 | arg_seccomp = 1; | 545 | arg_seccomp = 1; |
548 | cfg.seccomp_list_drop = strdup(ptr + 13); | 546 | cfg.seccomp_list_drop = seccomp_check_list(ptr + 13); |
549 | if (!cfg.seccomp_list_drop) | ||
550 | errExit("strdup"); | ||
551 | } | 547 | } |
552 | else | 548 | else |
553 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); | 549 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); |
@@ -560,9 +556,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
560 | #ifdef HAVE_SECCOMP | 556 | #ifdef HAVE_SECCOMP |
561 | if (checkcfg(CFG_SECCOMP)) { | 557 | if (checkcfg(CFG_SECCOMP)) { |
562 | arg_seccomp = 1; | 558 | arg_seccomp = 1; |
563 | cfg.seccomp_list_keep= strdup(ptr + 13); | 559 | cfg.seccomp_list_keep= seccomp_check_list(ptr + 13); |
564 | if (!cfg.seccomp_list_keep) | ||
565 | errExit("strdup"); | ||
566 | } | 560 | } |
567 | else | 561 | else |
568 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); | 562 | fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); |
@@ -576,7 +570,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
576 | arg_caps_list = strdup(ptr + 10); | 570 | arg_caps_list = strdup(ptr + 10); |
577 | if (!arg_caps_list) | 571 | if (!arg_caps_list) |
578 | errExit("strdup"); | 572 | errExit("strdup"); |
579 | // verify seccomp list and exit if problems | 573 | // verify caps list and exit if problems |
580 | if (caps_check_list(arg_caps_list, NULL)) | 574 | if (caps_check_list(arg_caps_list, NULL)) |
581 | exit(1); | 575 | exit(1); |
582 | return 0; | 576 | return 0; |
@@ -588,7 +582,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
588 | arg_caps_list = strdup(ptr + 10); | 582 | arg_caps_list = strdup(ptr + 10); |
589 | if (!arg_caps_list) | 583 | if (!arg_caps_list) |
590 | errExit("strdup"); | 584 | errExit("strdup"); |
591 | // verify seccomp list and exit if problems | 585 | // verify caps list and exit if problems |
592 | if (caps_check_list(arg_caps_list, NULL)) | 586 | if (caps_check_list(arg_caps_list, NULL)) |
593 | exit(1); | 587 | exit(1); |
594 | return 0; | 588 | return 0; |