diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/caps.c | 2 | ||||
-rw-r--r-- | src/firejail/cpu.c | 2 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 1 | ||||
-rw-r--r-- | src/firejail/profile.c | 1 | ||||
-rw-r--r-- | src/firejail/util.c | 11 |
5 files changed, 12 insertions, 5 deletions
diff --git a/src/firejail/caps.c b/src/firejail/caps.c index 838934aee..d623c5fd3 100644 --- a/src/firejail/caps.c +++ b/src/firejail/caps.c | |||
@@ -193,7 +193,6 @@ static int caps_find_name(const char *name) { | |||
193 | 193 | ||
194 | // return 1 if error, 0 if OK | 194 | // return 1 if error, 0 if OK |
195 | int caps_check_list(const char *clist, void (*callback)(int)) { | 195 | int caps_check_list(const char *clist, void (*callback)(int)) { |
196 | |||
197 | // don't allow empty lists | 196 | // don't allow empty lists |
198 | if (clist == NULL || *clist == '\0') { | 197 | if (clist == NULL || *clist == '\0') { |
199 | fprintf(stderr, "Error: empty capabilities lists are not allowed\n"); | 198 | fprintf(stderr, "Error: empty capabilities lists are not allowed\n"); |
@@ -400,6 +399,7 @@ static uint64_t extract_caps(int pid) { | |||
400 | 399 | ||
401 | 400 | ||
402 | void caps_print_filter_name(const char *name) { | 401 | void caps_print_filter_name(const char *name) { |
402 | EUID_ASSERT(); | ||
403 | if (!name || strlen(name) == 0) { | 403 | if (!name || strlen(name) == 0) { |
404 | fprintf(stderr, "Error: invalid sandbox name\n"); | 404 | fprintf(stderr, "Error: invalid sandbox name\n"); |
405 | exit(1); | 405 | exit(1); |
diff --git a/src/firejail/cpu.c b/src/firejail/cpu.c index bfad1dc25..23906ae48 100644 --- a/src/firejail/cpu.c +++ b/src/firejail/cpu.c | |||
@@ -40,6 +40,8 @@ static void set_cpu(const char *str) { | |||
40 | } | 40 | } |
41 | 41 | ||
42 | void read_cpu_list(const char *str) { | 42 | void read_cpu_list(const char *str) { |
43 | EUID_ASSERT(); | ||
44 | |||
43 | char *tmp = strdup(str); | 45 | char *tmp = strdup(str); |
44 | if (tmp == NULL) | 46 | if (tmp == NULL) |
45 | errExit("strdup"); | 47 | errExit("strdup"); |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index c3a247331..5a8bf6904 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -57,6 +57,7 @@ static int check_dir_or_file(const char *name) { | |||
57 | } | 57 | } |
58 | 58 | ||
59 | void fs_check_etc_list(void) { | 59 | void fs_check_etc_list(void) { |
60 | EUID_ASSERT(); | ||
60 | if (strstr(cfg.etc_private_keep, "..")) { | 61 | if (strstr(cfg.etc_private_keep, "..")) { |
61 | fprintf(stderr, "Error: invalid private etc list\n"); | 62 | fprintf(stderr, "Error: invalid private etc list\n"); |
62 | exit(1); | 63 | exit(1); |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 518fdf194..112454396 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -25,6 +25,7 @@ | |||
25 | 25 | ||
26 | // find and read the profile specified by name from dir directory | 26 | // find and read the profile specified by name from dir directory |
27 | int profile_find(const char *name, const char *dir) { | 27 | int profile_find(const char *name, const char *dir) { |
28 | EUID_ASSERT(); | ||
28 | assert(name); | 29 | assert(name); |
29 | assert(dir); | 30 | assert(dir); |
30 | 31 | ||
diff --git a/src/firejail/util.c b/src/firejail/util.c index a74693c7a..3463095f9 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -258,6 +258,7 @@ int is_link(const char *fname) { | |||
258 | 258 | ||
259 | // remove multiple spaces and return allocated memory | 259 | // remove multiple spaces and return allocated memory |
260 | char *line_remove_spaces(const char *buf) { | 260 | char *line_remove_spaces(const char *buf) { |
261 | EUID_ASSERT(); | ||
261 | assert(buf); | 262 | assert(buf); |
262 | if (strlen(buf) == 0) | 263 | if (strlen(buf) == 0) |
263 | return NULL; | 264 | return NULL; |
@@ -307,6 +308,7 @@ char *line_remove_spaces(const char *buf) { | |||
307 | 308 | ||
308 | 309 | ||
309 | char *split_comma(char *str) { | 310 | char *split_comma(char *str) { |
311 | EUID_ASSERT(); | ||
310 | if (str == NULL || *str == '\0') | 312 | if (str == NULL || *str == '\0') |
311 | return NULL; | 313 | return NULL; |
312 | char *ptr = strchr(str, ','); | 314 | char *ptr = strchr(str, ','); |
@@ -340,6 +342,7 @@ int not_unsigned(const char *str) { | |||
340 | #define BUFLEN 4096 | 342 | #define BUFLEN 4096 |
341 | // find the first child for this parent; return 1 if error | 343 | // find the first child for this parent; return 1 if error |
342 | int find_child(pid_t parent, pid_t *child) { | 344 | int find_child(pid_t parent, pid_t *child) { |
345 | EUID_ASSERT(); | ||
343 | *child = 0; // use it to flag a found child | 346 | *child = 0; // use it to flag a found child |
344 | 347 | ||
345 | DIR *dir; | 348 | DIR *dir; |
@@ -530,8 +533,7 @@ void notify_other(int fd) { | |||
530 | // directory (supplied). | 533 | // directory (supplied). |
531 | // The return value is allocated using malloc and must be freed by the caller. | 534 | // The return value is allocated using malloc and must be freed by the caller. |
532 | // The function returns NULL if there are any errors. | 535 | // The function returns NULL if there are any errors. |
533 | char *expand_home(const char *path, const char* homedir) | 536 | char *expand_home(const char *path, const char* homedir) { |
534 | { | ||
535 | assert(path); | 537 | assert(path); |
536 | assert(homedir); | 538 | assert(homedir); |
537 | 539 | ||
@@ -554,8 +556,7 @@ char *expand_home(const char *path, const char* homedir) | |||
554 | // Equivalent to the GNU version of basename, which is incompatible with | 556 | // Equivalent to the GNU version of basename, which is incompatible with |
555 | // the POSIX basename. A few lines of code saves any portability pain. | 557 | // the POSIX basename. A few lines of code saves any portability pain. |
556 | // https://www.gnu.org/software/libc/manual/html_node/Finding-Tokens-in-a-String.html#index-basename | 558 | // https://www.gnu.org/software/libc/manual/html_node/Finding-Tokens-in-a-String.html#index-basename |
557 | const char *gnu_basename(const char *path) | 559 | const char *gnu_basename(const char *path) { |
558 | { | ||
559 | const char *last_slash = strrchr(path, '/'); | 560 | const char *last_slash = strrchr(path, '/'); |
560 | if (!last_slash) | 561 | if (!last_slash) |
561 | return path; | 562 | return path; |
@@ -563,6 +564,7 @@ const char *gnu_basename(const char *path) | |||
563 | } | 564 | } |
564 | 565 | ||
565 | uid_t pid_get_uid(pid_t pid) { | 566 | uid_t pid_get_uid(pid_t pid) { |
567 | EUID_ASSERT(); | ||
566 | uid_t rv = 0; | 568 | uid_t rv = 0; |
567 | 569 | ||
568 | // open status file | 570 | // open status file |
@@ -606,6 +608,7 @@ uid_t pid_get_uid(pid_t pid) { | |||
606 | } | 608 | } |
607 | 609 | ||
608 | void invalid_filename(const char *fname) { | 610 | void invalid_filename(const char *fname) { |
611 | EUID_ASSERT(); | ||
609 | assert(fname); | 612 | assert(fname); |
610 | const char *ptr = fname; | 613 | const char *ptr = fname; |
611 | 614 | ||