summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Mack <github@zonque.org>2015-11-02 11:45:06 +0100
committerDaniel Mack <github@zonque.org>2015-11-02 11:45:06 +0100
commitcb6762862b1151d06ed856c37b0ebab0796781e3 (patch)
tree6d574e05b8a663976d9c9f4b93def0977abce7ff
parent117b94060da6ec4bacbc2319264bb0f921ce7bf1 (diff)
parent9ef57298cc57b105c62e2f1dab9ef5837d910604 (diff)
Merge pull request #1722 from evverx/port-cap-bounding-set-to-extract-first-word
Port capabiliy bounding set parsing to extract_first_word
-rw-r--r--src/core/load-fragment.c28
-rw-r--r--src/test/test-unit-file.c7
2 files changed, 25 insertions, 10 deletions
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 333fca46c4..a30cd0967d 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -983,10 +983,10 @@ int config_parse_bounding_set(const char *unit,
uint64_t *capability_bounding_set_drop = data;
uint64_t capability_bounding_set;
- const char *word, *state;
- size_t l;
bool invert = false;
uint64_t sum = 0;
+ const char *prev;
+ const char *cur;
assert(filename);
assert(lvalue);
@@ -1003,24 +1003,32 @@ int config_parse_bounding_set(const char *unit,
* non-inverted everywhere to have a fully normalized
* interface. */
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- _cleanup_free_ char *t = NULL;
+ prev = cur = rvalue;
+ for (;;) {
+ _cleanup_free_ char *word = NULL;
int cap;
+ int r;
- t = strndup(word, l);
- if (!t)
+ r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES);
+ if (r == 0)
+ break;
+ if (r == -ENOMEM)
return log_oom();
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in bounding set, ignoring: %s", prev);
+ break;
+ }
- cap = capability_from_name(t);
+ cap = capability_from_name(word);
if (cap < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse capability in bounding set, ignoring: %s", t);
+ log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse capability in bounding set, ignoring: %s", word);
+ prev = cur;
continue;
}
sum |= ((uint64_t) 1ULL) << (uint64_t) cap;
+ prev = cur;
}
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
capability_bounding_set = invert ? ~sum : sum;
if (*capability_bounding_set_drop && capability_bounding_set)
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index a2ca391e1a..f9107e0d0d 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -672,6 +672,13 @@ static void test_config_parse_bounding_set(void) {
&capability_bounding_set_drop, NULL);
assert_se(r >= 0);
assert_se(capability_bounding_set_drop == (uint64_t) 0ULL);
+
+ capability_bounding_set_drop = 0;
+ r = config_parse_bounding_set(NULL, "fake", 1, "section", 1,
+ "CapabilityBoundingSet", 0, " 'CAP_NET_RAW' WAT_CAP??? CAP_NET_ADMIN CAP'_trailing_garbage",
+ &capability_bounding_set_drop, NULL);
+ assert_se(r >= 0);
+ assert_se(capability_bounding_set_drop == ~(make_cap(CAP_NET_RAW) | make_cap(CAP_NET_ADMIN)));
}
int main(int argc, char *argv[]) {