Code

src/daemon/common.c: avoid using private structs from <linux/capability.h>
authorMarc Fournier <marc.fournier@camptocamp.com>
Wed, 10 Aug 2016 16:14:35 +0000 (18:14 +0200)
committerMarc Fournier <marc.fournier@camptocamp.com>
Wed, 10 Aug 2016 16:14:35 +0000 (18:14 +0200)
src/daemon/common.c

index 765619160cbcda31cba551e13f2be4eba66e0b56..a522759cebf7437c6b4fb03e6698c156d2f6f86f 100644 (file)
@@ -1677,23 +1677,42 @@ void strarray_free (char **array, size_t array_len) /* {{{ */
 int check_capability (int capability) /* {{{ */
 {
 #ifdef _LINUX_CAPABILITY_VERSION_3
-       struct __user_cap_header_struct cap_header_data;
-       cap_user_header_t cap_header = &cap_header_data;
-       struct __user_cap_data_struct cap_data_data;
-       cap_user_data_t cap_data = &cap_data_data;
+       cap_user_header_t cap_header = calloc(sizeof (*cap_header), 1);
+       if (cap_header == NULL)
+       {
+               ERROR("check_capability: calloc failed");
+               return (-1);
+       }
+
+       cap_user_data_t cap_data = calloc(sizeof (*cap_data), 1);
+       if (cap_data == NULL)
+       {
+               ERROR("check_capability: calloc failed");
+               return (-1);
+       }
 
        cap_header->pid = getpid();
        cap_header->version = _LINUX_CAPABILITY_VERSION;
        if (capget(cap_header, cap_data) < 0)
        {
                ERROR("check_capability: capget failed");
+               sfree(cap_header);
+               sfree(cap_data);
                return (-1);
        }
 
        if ((cap_data->effective & (1 << capability)) == 0)
+       {
+               sfree(cap_header);
+               sfree(cap_data);
                return (-1);
+       }
        else
+       {
+               sfree(cap_header);
+               sfree(cap_data);
                return (0);
+       }
 #else
        WARNING ("check_capability: unsupported capability implementation. "
            "Some plugin(s) may require elevated privileges to work properly.");