diff options
Diffstat (limited to 'src/fseccomp/syscall.c')
-rw-r--r-- | src/fseccomp/syscall.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/fseccomp/syscall.c b/src/fseccomp/syscall.c index 3b698d2dd..d31b719d6 100644 --- a/src/fseccomp/syscall.c +++ b/src/fseccomp/syscall.c | |||
@@ -497,9 +497,17 @@ int syscall_check_list(const char *slist, void (*callback)(int fd, int syscall, | |||
497 | syscall_check_list(new_list, callback, fd, arg, ptrarg); | 497 | syscall_check_list(new_list, callback, fd, arg, ptrarg); |
498 | } | 498 | } |
499 | else { | 499 | else { |
500 | bool negate = false; | ||
501 | if (*ptr == '!') { | ||
502 | negate = true; | ||
503 | ptr++; | ||
504 | } | ||
500 | syscall_process_name(ptr, &syscall_nr, &error_nr); | 505 | syscall_process_name(ptr, &syscall_nr, &error_nr); |
501 | if (syscall_nr == -1) {;} | 506 | if (syscall_nr == -1) {;} |
502 | else if (callback != NULL) { | 507 | else if (callback != NULL) { |
508 | if (negate) { | ||
509 | syscall_nr = -syscall_nr; | ||
510 | } | ||
503 | if (error_nr != -1 && fd != 0) { | 511 | if (error_nr != -1 && fd != 0) { |
504 | filter_add_errno(fd, syscall_nr, error_nr, ptrarg); | 512 | filter_add_errno(fd, syscall_nr, error_nr, ptrarg); |
505 | } | 513 | } |
@@ -522,7 +530,7 @@ static void find_syscall(int fd, int syscall, int arg, void *ptrarg) { | |||
522 | (void)fd; | 530 | (void)fd; |
523 | (void) arg; | 531 | (void) arg; |
524 | SyscallCheckList *ptr = ptrarg; | 532 | SyscallCheckList *ptr = ptrarg; |
525 | if (syscall == ptr->syscall) | 533 | if (abs(syscall) == ptr->syscall) |
526 | ptr->found = true; | 534 | ptr->found = true; |
527 | } | 535 | } |
528 | 536 | ||