diff options
Diffstat (limited to 'src/fseccomp/syscall.c')
| -rw-r--r-- | src/fseccomp/syscall.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/fseccomp/syscall.c b/src/fseccomp/syscall.c index 3b698d2dd..d31b719d6 100644 --- a/src/fseccomp/syscall.c +++ b/src/fseccomp/syscall.c | |||
| @@ -497,9 +497,17 @@ int syscall_check_list(const char *slist, void (*callback)(int fd, int syscall, | |||
| 497 | syscall_check_list(new_list, callback, fd, arg, ptrarg); | 497 | syscall_check_list(new_list, callback, fd, arg, ptrarg); |
| 498 | } | 498 | } |
| 499 | else { | 499 | else { |
| 500 | bool negate = false; | ||
| 501 | if (*ptr == '!') { | ||
| 502 | negate = true; | ||
| 503 | ptr++; | ||
| 504 | } | ||
| 500 | syscall_process_name(ptr, &syscall_nr, &error_nr); | 505 | syscall_process_name(ptr, &syscall_nr, &error_nr); |
| 501 | if (syscall_nr == -1) {;} | 506 | if (syscall_nr == -1) {;} |
| 502 | else if (callback != NULL) { | 507 | else if (callback != NULL) { |
| 508 | if (negate) { | ||
| 509 | syscall_nr = -syscall_nr; | ||
| 510 | } | ||
| 503 | if (error_nr != -1 && fd != 0) { | 511 | if (error_nr != -1 && fd != 0) { |
| 504 | filter_add_errno(fd, syscall_nr, error_nr, ptrarg); | 512 | filter_add_errno(fd, syscall_nr, error_nr, ptrarg); |
| 505 | } | 513 | } |
| @@ -522,7 +530,7 @@ static void find_syscall(int fd, int syscall, int arg, void *ptrarg) { | |||
| 522 | (void)fd; | 530 | (void)fd; |
| 523 | (void) arg; | 531 | (void) arg; |
| 524 | SyscallCheckList *ptr = ptrarg; | 532 | SyscallCheckList *ptr = ptrarg; |
| 525 | if (syscall == ptr->syscall) | 533 | if (abs(syscall) == ptr->syscall) |
| 526 | ptr->found = true; | 534 | ptr->found = true; |
| 527 | } | 535 | } |
| 528 | 536 | ||