summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e6e6c0d)
raw | patch | inline | side by side (parent: e6e6c0d)
author | Marc Fournier <marc.fournier@camptocamp.com> | |
Wed, 10 Aug 2016 16:14:35 +0000 (18:14 +0200) | ||
committer | Marc Fournier <marc.fournier@camptocamp.com> | |
Wed, 10 Aug 2016 16:14:35 +0000 (18:14 +0200) |
src/daemon/common.c | patch | blob | history |
diff --git a/src/daemon/common.c b/src/daemon/common.c
index 765619160cbcda31cba551e13f2be4eba66e0b56..a522759cebf7437c6b4fb03e6698c156d2f6f86f 100644 (file)
--- a/src/daemon/common.c
+++ b/src/daemon/common.c
int check_capability (int capability) /* {{{ */
{
#ifdef _LINUX_CAPABILITY_VERSION_3
- struct __user_cap_header_struct cap_header_data;
- cap_user_header_t cap_header = &cap_header_data;
- struct __user_cap_data_struct cap_data_data;
- cap_user_data_t cap_data = &cap_data_data;
+ cap_user_header_t cap_header = calloc(sizeof (*cap_header), 1);
+ if (cap_header == NULL)
+ {
+ ERROR("check_capability: calloc failed");
+ return (-1);
+ }
+
+ cap_user_data_t cap_data = calloc(sizeof (*cap_data), 1);
+ if (cap_data == NULL)
+ {
+ ERROR("check_capability: calloc failed");
+ return (-1);
+ }
cap_header->pid = getpid();
cap_header->version = _LINUX_CAPABILITY_VERSION;
if (capget(cap_header, cap_data) < 0)
{
ERROR("check_capability: capget failed");
+ sfree(cap_header);
+ sfree(cap_data);
return (-1);
}
if ((cap_data->effective & (1 << capability)) == 0)
+ {
+ sfree(cap_header);
+ sfree(cap_data);
return (-1);
+ }
else
+ {
+ sfree(cap_header);
+ sfree(cap_data);
return (0);
+ }
#else
WARNING ("check_capability: unsupported capability implementation. "
"Some plugin(s) may require elevated privileges to work properly.");