From 34a5d5e52661212c7a145cbab45e70a6df7ba284 Mon Sep 17 00:00:00 2001 From: David Herrmann Date: Tue, 30 Dec 2014 08:42:53 +0100 Subject: bus: drop creds->capability_size The number of available caps can be read from /proc/sys/kernel/cap_last_cap during runtime. Our helper cap_last_cap() does that, so there's no reason to remember the size of any capability cache. We can just pre-allocate arrays with a suitable size for all available caps and reject any higher caps. The kernel capability API uses u32 as base so make sure we do the same. Note that this is specified by POSIX, so it's unlikely to change. --- src/libsystemd/sd-bus/bus-control.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/libsystemd/sd-bus/bus-control.c') diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c index e86546c343..b2394db3eb 100644 --- a/src/libsystemd/sd-bus/bus-control.c +++ b/src/libsystemd/sd-bus/bus-control.c @@ -33,6 +33,7 @@ #include "bus-control.h" #include "bus-bloom.h" #include "bus-util.h" +#include "capability.h" #include "cgroup-util.h" _public_ int sd_bus_get_unique_name(sd_bus *bus, const char **unique) { @@ -520,8 +521,11 @@ static int bus_populate_creds_from_items( SD_BUS_CREDS_INHERITABLE_CAPS | SD_BUS_CREDS_BOUNDING_CAPS) & mask; if (m) { - c->capability_size = item->size - offsetof(struct kdbus_item, caps.caps); - c->capability = memdup(item->caps.caps, c->capability_size); + if (item->caps.last_cap != cap_last_cap() || + item->size - offsetof(struct kdbus_item, caps.caps) < DIV_ROUND_UP(item->caps.last_cap, 32U) * 4 * 4) + return -EBADMSG; + + c->capability = memdup(item->caps.caps, item->size - offsetof(struct kdbus_item, caps.caps)); if (!c->capability) return -ENOMEM; -- cgit v1.2.3-54-g00ecf