xzdec: Tweak coding style and comments.

(cherry picked from commit 2739db9810)
This commit is contained in:
Lasse Collin 2024-04-08 17:07:08 +03:00
parent ebe9d6d8cb
commit a7b9cd7000
1 changed files with 21 additions and 11 deletions

View File

@ -313,10 +313,12 @@ sandbox_enter(int src_fd)
STDIN_FILENO, cap_rights_clear(&rights))) STDIN_FILENO, cap_rights_clear(&rights)))
goto error; goto error;
if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights, CAP_WRITE))) if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
CAP_WRITE)))
goto error; goto error;
if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights, CAP_WRITE))) if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
CAP_WRITE)))
goto error; goto error;
#elif defined(HAVE_PLEDGE) #elif defined(HAVE_PLEDGE)
@ -325,6 +327,7 @@ sandbox_enter(int src_fd)
goto error; goto error;
(void)src_fd; (void)src_fd;
#elif defined(HAVE_LINUX_LANDLOCK) #elif defined(HAVE_LINUX_LANDLOCK)
int landlock_abi = syscall(SYS_landlock_create_ruleset, int landlock_abi = syscall(SYS_landlock_create_ruleset,
(void *)NULL, 0, LANDLOCK_CREATE_RULESET_VERSION); (void *)NULL, 0, LANDLOCK_CREATE_RULESET_VERSION);
@ -351,6 +354,7 @@ sandbox_enter(int src_fd)
} }
(void)src_fd; (void)src_fd;
#else #else
# error ENABLE_SANDBOX is defined but no sandboxing method was found. # error ENABLE_SANDBOX is defined but no sandboxing method was found.
#endif #endif
@ -367,6 +371,7 @@ error:
if (errno == ENOSYS) if (errno == ENOSYS)
return; return;
#endif #endif
my_errorf("Failed to enable the sandbox"); my_errorf("Failed to enable the sandbox");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -390,8 +395,14 @@ main(int argc, char **argv)
#endif #endif
#ifdef HAVE_LINUX_LANDLOCK #ifdef HAVE_LINUX_LANDLOCK
// Prevent the process from gaining new privileges. The return // Prevent the process from gaining new privileges. This must be done
// is ignored to keep compatibility with old kernels. // before landlock_restrict_self(2) but since we will never need new
// privileges, this call can be done here already.
//
// This is supported since Linux 3.5. Ignore the return value to
// keep compatibility with old kernels. landlock_restrict_self(2)
// will fail if the no_new_privs attribute isn't set, thus if prctl()
// fails here the error will still be detected when it matters.
(void)prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); (void)prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
#endif #endif
@ -438,19 +449,18 @@ main(int argc, char **argv)
} }
} }
#ifdef ENABLE_SANDBOX #ifdef ENABLE_SANDBOX
// Enable the sandbox for the last file. When the // Enable the strict sandbox for the last file.
// strict sandbox is enabled the process can no // Then the process can no longer open additional
// longer open additional files. It is likely that // files. The typical xzdec use case is to decompress
// the most common way to use xzdec is to // a single file so this way the strictest sandboxing
// decompress a single file, so this fully protects // is used in most cases.
// most use cases.
if (optind == argc - 1) if (optind == argc - 1)
sandbox_enter(fileno(src_file)); sandbox_enter(fileno(src_file));
#endif #endif
uncompress(&strm, src_file, src_name); uncompress(&strm, src_file, src_name);
if (src_file != stdin) if (src_file != stdin)
fclose(src_file); (void)fclose(src_file);
} while (++optind < argc); } while (++optind < argc);
} }