* Stefan Hajnoczi (stefa...@redhat.com) wrote:
> On Thu, Jun 25, 2020 at 05:29:29PM +0100, Dr. David Alan Gilbert (git) wrote:
> > + /*
> > + * The modcaps option is a colon separated list of caps,
> > + * each preceded by either + or -.
> > + */
> > + while (lo->modcaps) {
> > + capng_act_t action;
> > + int cap;
> > +
> > + char *next = strchr(lo->modcaps, ':');
> > + if (next) {
> > + *next = '\0';
> > + next++;
> > + }
> > +
> > + switch (lo->modcaps[0]) {
> > + case '+':
> > + action = CAPNG_ADD;
> > + break;
> > +
> > + case '-':
> > + action = CAPNG_DROP;
> > + break;
> > +
> > + default:
> > + fuse_log(FUSE_LOG_ERR,
> > + "%s: Expecting '+'/'-' in modcaps but found '%c'\n",
> > + __func__, lo->modcaps[0]);
> > + exit(1);
> > + }
> > + cap = capng_name_to_capability(lo->modcaps + 1);
> > + if (cap < 0) {
> > + fuse_log(FUSE_LOG_ERR, "%s: Unknown capability '%s'\n",
> > __func__,
> > + lo->modcaps);
> > + exit(1);
> > + }
> > + if (capng_update(action, CAPNG_PERMITTED | CAPNG_EFFECTIVE, cap)) {
> > + fuse_log(FUSE_LOG_ERR, "%s: capng_update failed for '%s'\n",
> > + __func__, lo->modcaps);
> > + exit(1);
> > + }
> > +
> > + lo->modcaps = next;
>
> How about passing char *modcaps into this function so that lo->modcaps
> isn't modified by the parsing loop? That seems a bit cleaner and if we
> ever decide to free lo->modcaps it will work as expected.
Yep, can do.
Dave
> Stefan
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
