diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 14d7d7156..9a15d825e 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -204,21 +204,23 @@ static void globbing(OPERATION op, const char *pattern, const char *noblacklist[ | |||
204 | continue; | 204 | continue; |
205 | // noblacklist is expected to be short in normal cases, so stupid and correct brute force is okay | 205 | // noblacklist is expected to be short in normal cases, so stupid and correct brute force is okay |
206 | bool okay_to_blacklist = true; | 206 | bool okay_to_blacklist = true; |
207 | for (j = 0; j < noblacklist_len; j++) { | 207 | if (op == BLACKLIST_FILE || op == BLACKLIST_NOLOG) { |
208 | int result = fnmatch(noblacklist[j], path, FNM_PATHNAME); | 208 | for (j = 0; j < noblacklist_len; j++) { |
209 | if (result == FNM_NOMATCH) | 209 | int result = fnmatch(noblacklist[j], path, FNM_PATHNAME); |
210 | continue; | 210 | if (result == FNM_NOMATCH) |
211 | else if (result == 0) { | 211 | continue; |
212 | okay_to_blacklist = false; | 212 | else if (result == 0) { |
213 | okay_to_blacklist = false; | ||
213 | #ifdef TEST_NO_BLACKLIST_MATCHING | 214 | #ifdef TEST_NO_BLACKLIST_MATCHING |
214 | if (j < nbcheck_size) // noblacklist checking | 215 | if (j < nbcheck_size) // noblacklist checking |
215 | nbcheck[j] = 1; | 216 | nbcheck[j] = 1; |
216 | #endif | 217 | #endif |
217 | break; | 218 | break; |
218 | } | 219 | } |
219 | else { | 220 | else { |
220 | fprintf(stderr, "Error: failed to compare path %s with pattern %s\n", path, noblacklist[j]); | 221 | fprintf(stderr, "Error: failed to compare path %s with pattern %s\n", path, noblacklist[j]); |
221 | exit(1); | 222 | exit(1); |
223 | } | ||
222 | } | 224 | } |
223 | } | 225 | } |
224 | 226 | ||