Date: Thu, 12 Sep 2013 21:28:09 GMT From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r257249 - soc2013/dpl/head/lib/libzcap Message-ID: <201309122128.r8CLS9CM089716@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dpl Date: Thu Sep 12 21:28:09 2013 New Revision: 257249 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257249 Log: Limited fd of gzopen() depending on the mode. Modified: soc2013/dpl/head/lib/libzcap/gzlib.c Modified: soc2013/dpl/head/lib/libzcap/gzlib.c ============================================================================== --- soc2013/dpl/head/lib/libzcap/gzlib.c Thu Sep 12 20:51:48 2013 (r257248) +++ soc2013/dpl/head/lib/libzcap/gzlib.c Thu Sep 12 21:28:09 2013 (r257249) @@ -15,6 +15,7 @@ #include "commands.h" #include "zconf.h" +static void limitgzip(int fd, const char *mode); /* -- see zlib.h -- */ gzFile ZEXPORT gzopen(path, mode) const char *path; @@ -23,7 +24,6 @@ int oflag = 0; int fd; const char *loopmode; - cap_rights_t rights; mode_t mode2; loopmode = mode; @@ -64,15 +64,51 @@ if ((fd = open(path, oflag, mode2)) < 0) err(1, "zcaplib: Couldn't create gzip file"); - //limitgzip(fd, mode); - cap_rights_init(&rights, CAP_READ, CAP_SEEK, CAP_WRITE, CAP_FSTAT, CAP_FCNTL); + limitgzip(fd, mode); + + return gzdopen(fd, mode); +} + +static void limitgzip(fd, mode) + int fd; + const char *mode; +{ + cap_rights_t rights; + const char *loopmode; + int capread, capwrite; + + capread = capwrite = 0; + + loopmode = mode; + while(*loopmode) { + switch (*loopmode){ +#ifndef NO_GZCOMPRESS + case('w'): + case('a'): + capwrite = 1; + break; +#endif + case('r'): + capread = 1; + break; + default: + ; + } + ++loopmode; + } + + if (capread == 1) + cap_rights_init(&rights, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); + + if (capwrite == 1) + cap_rights_init(&rights, CAP_WRITE, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); + if (cap_rights_limit(fd, &rights) < 0) err(1, "zcaplib: Couldn't limit fd: %d", fd); if (cap_fcntls_limit(fd, CAP_FCNTL_GETFL) < 0) err(1, "zcaplib: Couldn't limit fcntls of fd: %d", fd); - return gzdopen(fd, mode); } /* -- see zlib.h -- */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309122128.r8CLS9CM089716>