diff options
Diffstat (limited to 'src/fseccomp/protocol.c')
| -rw-r--r-- | src/fseccomp/protocol.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/fseccomp/protocol.c b/src/fseccomp/protocol.c index 4a0fadb3c..43bc3d562 100644 --- a/src/fseccomp/protocol.c +++ b/src/fseccomp/protocol.c | |||
| @@ -87,7 +87,7 @@ static struct sock_filter *find_protocol_domain(const char *p) { | |||
| 87 | } | 87 | } |
| 88 | 88 | ||
| 89 | return NULL; | 89 | return NULL; |
| 90 | } | 90 | } |
| 91 | #endif | 91 | #endif |
| 92 | 92 | ||
| 93 | void protocol_print(void) { | 93 | void protocol_print(void) { |
| @@ -119,7 +119,7 @@ void protocol_build_filter(const char *prlist, const char *fname) { | |||
| 119 | struct sock_filter filter[32]; // big enough | 119 | struct sock_filter filter[32]; // big enough |
| 120 | memset(&filter[0], 0, sizeof(filter)); | 120 | memset(&filter[0], 0, sizeof(filter)); |
| 121 | uint8_t *ptr = (uint8_t *) &filter[0]; | 121 | uint8_t *ptr = (uint8_t *) &filter[0]; |
| 122 | 122 | ||
| 123 | // header | 123 | // header |
| 124 | struct sock_filter filter_start[] = { | 124 | struct sock_filter filter_start[] = { |
| 125 | VALIDATE_ARCHITECTURE, | 125 | VALIDATE_ARCHITECTURE, |
| @@ -153,7 +153,7 @@ printf("whitelist_len %u, struct sock_filter len %u\n", whitelist_len, (unsigned | |||
| 153 | char *token = strtok(tmplist, ","); | 153 | char *token = strtok(tmplist, ","); |
| 154 | if (!token) | 154 | if (!token) |
| 155 | errExit("strtok"); | 155 | errExit("strtok"); |
| 156 | 156 | ||
| 157 | while (token) { | 157 | while (token) { |
| 158 | struct sock_filter *domain = find_protocol_domain(token); | 158 | struct sock_filter *domain = find_protocol_domain(token); |
| 159 | if (domain == NULL) { | 159 | if (domain == NULL) { |
| @@ -179,7 +179,7 @@ printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (uns | |||
| 179 | #endif | 179 | #endif |
| 180 | 180 | ||
| 181 | 181 | ||
| 182 | } | 182 | } |
| 183 | free(tmplist); | 183 | free(tmplist); |
| 184 | 184 | ||
| 185 | // add end of filter | 185 | // add end of filter |
| @@ -201,14 +201,14 @@ printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (uns | |||
| 201 | } | 201 | } |
| 202 | printf("\n"); | 202 | printf("\n"); |
| 203 | } | 203 | } |
| 204 | #endif | 204 | #endif |
| 205 | // save filter to file | 205 | // save filter to file |
| 206 | int dst = open(fname, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); | 206 | int dst = open(fname, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); |
| 207 | if (dst < 0) { | 207 | if (dst < 0) { |
| 208 | fprintf(stderr, "Error fseccomp: cannot open %s file\n", fname); | 208 | fprintf(stderr, "Error fseccomp: cannot open %s file\n", fname); |
| 209 | exit(1); | 209 | exit(1); |
| 210 | } | 210 | } |
| 211 | 211 | ||
| 212 | int size = (int) ((uintptr_t) ptr - (uintptr_t) (filter)); | 212 | int size = (int) ((uintptr_t) ptr - (uintptr_t) (filter)); |
| 213 | int written = 0; | 213 | int written = 0; |
| 214 | while (written < size) { | 214 | while (written < size) { |
| @@ -220,5 +220,5 @@ printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (uns | |||
| 220 | written += rv; | 220 | written += rv; |
| 221 | } | 221 | } |
| 222 | close(dst); | 222 | close(dst); |
| 223 | #endif // SYS_socket | 223 | #endif // SYS_socket |
| 224 | } | 224 | } |