mirror of https://git.tukaani.org/xz.git
xz: Simplify the error-label in Capsicum sandbox code.
Also remove unneeded "sandbox_allowed = false;" as this code will never be run more than once (making it work with multiple input files isn't trivial).
parent
a0eecc235d
commit
717aa3651c
|
@ -193,32 +193,32 @@ io_sandbox_enter(int src_fd)
|
||||||
cap_rights_t rights;
|
cap_rights_t rights;
|
||||||
|
|
||||||
if (cap_enter())
|
if (cap_enter())
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (cap_rights_limit(src_fd, cap_rights_init(&rights,
|
if (cap_rights_limit(src_fd, cap_rights_init(&rights,
|
||||||
CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
|
CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (src_fd != STDIN_FILENO && cap_rights_limit(
|
if (src_fd != STDIN_FILENO && cap_rights_limit(
|
||||||
STDIN_FILENO, cap_rights_clear(&rights)))
|
STDIN_FILENO, cap_rights_clear(&rights)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
|
if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
|
||||||
CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP,
|
CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP,
|
||||||
CAP_WRITE, CAP_SEEK)))
|
CAP_WRITE, CAP_SEEK)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
|
if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
|
||||||
CAP_WRITE)))
|
CAP_WRITE)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
|
if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
|
||||||
CAP_EVENT)))
|
CAP_EVENT)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights,
|
if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights,
|
||||||
CAP_WRITE)))
|
CAP_WRITE)))
|
||||||
goto capsicum_error;
|
goto error;
|
||||||
|
|
||||||
#elif defined(HAVE_PLEDGE)
|
#elif defined(HAVE_PLEDGE)
|
||||||
// pledge() was introduced in OpenBSD 5.9.
|
// pledge() was introduced in OpenBSD 5.9.
|
||||||
|
@ -239,18 +239,15 @@ io_sandbox_enter(int src_fd)
|
||||||
//message(V_DEBUG, _("Sandbox was successfully enabled"));
|
//message(V_DEBUG, _("Sandbox was successfully enabled"));
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
error:
|
||||||
#ifdef HAVE_CAPSICUM
|
#ifdef HAVE_CAPSICUM
|
||||||
capsicum_error:
|
|
||||||
// If a kernel is configured without capability mode support or
|
// If a kernel is configured without capability mode support or
|
||||||
// used in an emulator that does not implement the capability
|
// used in an emulator that does not implement the capability
|
||||||
// system calls, then the capsicum system calls will fail and set
|
// system calls, then the Capsicum system calls will fail and set
|
||||||
// errno to ENOSYS.
|
// errno to ENOSYS. In that case xz will silently run without
|
||||||
if (errno == ENOSYS) {
|
// the sandbox.
|
||||||
sandbox_allowed = false;
|
if (errno == ENOSYS)
|
||||||
return;
|
return;
|
||||||
}
|
|
||||||
#else
|
|
||||||
error:
|
|
||||||
#endif
|
#endif
|
||||||
message_fatal(_("Failed to enable the sandbox"));
|
message_fatal(_("Failed to enable the sandbox"));
|
||||||
}
|
}
|
||||||
|
|
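Review bot: The `if (errno == ENOSYS) return;` under the merged `error:` label drops back to an unsandboxed run with no trace in the output, so an operator cannot tell from xz's behaviour that the sandbox is absent; the hunk already keeps a commented-out `message(V_DEBUG, _("Sandbox was successfully enabled"));` for the success path, and the fallback deserves the same visibility, e.g. `if (errno == ENOSYS) { message(V_DEBUG, _("Capsicum not supported by the kernel, running without the sandbox")); return; }`. The silent fallback is also only correct because every `goto error` in the first hunk follows the failing Capsicum call immediately, so `errno` is still that call's value when it is tested; a one-line comment at the label, `// errno must still hold the result of the Capsicum call that jumped here.`, would protect that ordering against future insertions between the call and the goto. Note that io_sandbox_enter begins before the first hunk and the pledge() path between the two hunks also jumps to this label, where it reaches message_fatal directly since the ENOSYS check is compiled only under HAVE_CAPSICUM.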