author | Lasse Collin <lasse.collin@tukaani.org> | 2024-04-08 17:07:08 +0300 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2024-04-09 18:22:27 +0300 |
commit | 2739db981023373a2ddabc7b456c7e658bb4f582 (patch) | |
tree | 1c8d637ba0276d2fa00704e0baefdf53631f9fe4 /src | |
parent | tests/ossfuzz: Tiny fix to a comment. (diff) | |
download | xz-2739db981023373a2ddabc7b456c7e658bb4f582.tar.xz |
xzdec: Tweak coding style and comments.
Diffstat (limited to 'src')
-rw-r--r-- | src/xzdec/xzdec.c | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/src/xzdec/xzdec.c b/src/xzdec/xzdec.c
index ef8c80f3..adfa17e8 100644
--- a/src/xzdec/xzdec.c
+++ b/src/xzdec/xzdec.c
@@ -313,10 +313,12 @@ sandbox_enter(int src_fd)
 			STDIN_FILENO, cap_rights_clear(&rights)))
 		goto error;
 
-	if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights, CAP_WRITE)))
+	if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
+			CAP_WRITE)))
 		goto error;
 
-	if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights, CAP_WRITE)))
+	if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
+			CAP_WRITE)))
 		goto error;
 
 #elif defined(HAVE_PLEDGE)
@@ -325,6 +327,7 @@ sandbox_enter(int src_fd)
 		goto error;
 
 	(void)src_fd;
+
 #elif defined(HAVE_LINUX_LANDLOCK)
 	int landlock_abi = syscall(SYS_landlock_create_ruleset,
 			(void *)NULL, 0, LANDLOCK_CREATE_RULESET_VERSION);
@@ -351,6 +354,7 @@ sandbox_enter(int src_fd)
 	}
 
 	(void)src_fd;
+
 #else
 #	error ENABLE_SANDBOX is defined but no sandboxing method was found.
 #endif
@@ -367,6 +371,7 @@ error:
 	if (errno == ENOSYS)
 		return;
 #endif
+
 	my_errorf("Failed to enable the sandbox");
 	exit(EXIT_FAILURE);
 }
@@ -390,8 +395,14 @@ main(int argc, char **argv)
 #endif
 
 #ifdef HAVE_LINUX_LANDLOCK
-	// Prevent the process from gaining new privileges. The return
-	// is ignored to keep compatibility with old kernels.
+	// Prevent the process from gaining new privileges. This must be done
+	// before landlock_restrict_self(2) but since we will never need new
+	// privileges, this call can be done here already.
+	//
+	// This is supported since Linux 3.5. Ignore the return value to
+	// keep compatibility with old kernels. landlock_restrict_self(2)
+	// will fail if the no_new_privs attribute isn't set, thus if prctl()
+	// fails here the error will still be detected when it matters.
 	(void)prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
 #endif
 
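Review bot: The new comment in the `main()` hunk overstates the safety net: it says landlock_restrict_self(2) "will fail if the no_new_privs attribute isn't set", but according to that man page the EPERM check only applies when the caller also lacks CAP_SYS_ADMIN in its user namespace, so a privileged invocation whose ignored `prctl()` call failed would still enter Landlock without the no-new-privs guarantee. That is probably acceptable for xzdec, which has no reason to run with that capability, but the comment should not promise detection that a root run would not get. I would narrow the last two lines to `// will fail if the no_new_privs attribute isn't set (unless the caller` / `// has CAP_SYS_ADMIN), so a prctl() failure is normally still caught later.` The body of main() begins and continues outside this hunk, so whether any other check covers that case is not visible here.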
@@ -438,19 +449,18 @@ main(int argc, char **argv)
 			}
 		}
 #ifdef ENABLE_SANDBOX
-		// Enable the sandbox for the last file. When the
-		// strict sandbox is enabled the process can no
-		// longer open additional files. It is likely that
-		// the most common way to use xzdec is to
-		// decompress a single file, so this fully protects
-		// most use cases.
+		// Enable the strict sandbox for the last file.
+		// Then the process can no longer open additional
+		// files. The typical xzdec use case is to decompress
+		// a single file so this way the strictest sandboxing
+		// is used in most cases.
 		if (optind == argc - 1)
 			sandbox_enter(fileno(src_file));
 #endif
 
 		uncompress(&strm, src_file, src_name);
 
 		if (src_file != stdin)
-			fclose(src_file);
+			(void)fclose(src_file);
 	} while (++optind < argc);
 }
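Review bot: The rewritten comment refers to "the strictest sandboxing", which implies a weaker sandbox covers the earlier files, but the only sandbox call visible in this hunk is `sandbox_enter(fileno(src_file));` guarded by `if (optind == argc - 1)`, so every file before the last one appears to be decompressed with no sandbox at all unless a looser stage is entered earlier in main(), outside this hunk. If no such stage exists, the comment should say so plainly, e.g. add `// Files before the last one are decompressed without any sandbox.`, so readers do not assume partial protection for multi-file runs. The `(void)fclose(src_file)` change is fine: src_file is only the decompression input passed to uncompress(), so there is no buffered write whose failure the discarded return could hide. The enclosing do/while loop and main() itself start outside this hunk.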