xz: Simplify the error-label in Capsicum sandbox code.

Also remove unneeded "sandbox_allowed = false;" as this code
will never be run more than once (making it work with multiple
input files isn't trivial).
Lasse Collin 2023-03-11 18:42:08 +02:00
parent a0eecc235d
commit 717aa3651c
1 changed files with 12 additions and 15 deletions


@ -193,32 +193,32 @@ io_sandbox_enter(int src_fd)
cap_rights_t rights; cap_rights_t rights;
if (cap_enter()) if (cap_enter())
goto capsicum_error; goto error;
if (cap_rights_limit(src_fd, cap_rights_init(&rights, if (cap_rights_limit(src_fd, cap_rights_init(&rights,
CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK))) CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
goto capsicum_error; goto error;
if (src_fd != STDIN_FILENO && cap_rights_limit( if (src_fd != STDIN_FILENO && cap_rights_limit(
STDIN_FILENO, cap_rights_clear(&rights))) STDIN_FILENO, cap_rights_clear(&rights)))
goto capsicum_error; goto error;
if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights, if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP, CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP,
CAP_WRITE, CAP_SEEK))) CAP_WRITE, CAP_SEEK)))
goto capsicum_error; goto error;
if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights, if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
CAP_WRITE))) CAP_WRITE)))
goto capsicum_error; goto error;
if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights, if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
CAP_EVENT))) CAP_EVENT)))
goto capsicum_error; goto error;
if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights, if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights,
CAP_WRITE))) CAP_WRITE)))
goto capsicum_error; goto error;
#elif defined(HAVE_PLEDGE) #elif defined(HAVE_PLEDGE)
// pledge() was introduced in OpenBSD 5.9. // pledge() was introduced in OpenBSD 5.9.
@ -239,18 +239,15 @@ io_sandbox_enter(int src_fd)
//message(V_DEBUG, _("Sandbox was successfully enabled")); //message(V_DEBUG, _("Sandbox was successfully enabled"));
return; return;
error:
#ifdef HAVE_CAPSICUM #ifdef HAVE_CAPSICUM
capsicum_error:
// If a kernel is configured without capability mode support or // If a kernel is configured without capability mode support or
// used in an emulator that does not implement the capability // used in an emulator that does not implement the capability
// system calls, then the capsicum system calls will fail and set // system calls, then the Capsicum system calls will fail and set
// errno to ENOSYS. // errno to ENOSYS. In that case xz will silently run without
if (errno == ENOSYS) { // the sandbox.
sandbox_allowed = false; if (errno == ENOSYS)
return; return;
}
#else
error:
#endif #endif
message_fatal(_("Failed to enable the sandbox")); message_fatal(_("Failed to enable the sandbox"));
} }
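Review bot: The ENOSYS fallback in the second hunk (`if (errno == ENOSYS) return;`) leaves no trace that the process is running unsandboxed, and the new comment makes that silence explicit; a verbosity-gated message next to the return, for example `message(V_DEBUG, _("Sandbox is not supported by the kernel"));` in the same spirit as the commented-out success message above it, would let someone auditing a deployment tell the two states apart. The check also treats ENOSYS from any of the seven Capsicum calls alike, so if cap_enter() had already succeeded and a later cap_rights_limit() failed with ENOSYS, the process would presumably continue in capability mode with only some descriptors restricted, which is not quite the "run without the sandbox" the comment describes; a short comment stating that ENOSYS is expected from cap_enter() itself would make that assumption visible. io_sandbox_enter begins outside the hunk, so whether the pledge path still reaches the relocated `error:` label cannot be confirmed from here.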