diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2017-09-25 11:09:57 +0200 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2017-09-25 11:11:20 +0200 |
| commit | 6088cefb217184a0a80d80a42b2ab98bc4e07ab7 (patch) | |
| tree | ecabfb0ea47d4486a11ac28841d749f8a33f64fa | |
| parent | efaa3176ad0e763a0fafd4519d4391813a88ba0e (diff) | |
| download | systemd-6088cefb217184a0a80d80a42b2ab98bc4e07ab7.tar.gz systemd-6088cefb217184a0a80d80a42b2ab98bc4e07ab7.tar.bz2 systemd-6088cefb217184a0a80d80a42b2ab98bc4e07ab7.zip | |
basic/cap-list: report empty capability set as ""
$ systemctl show systemd-journald -p CapabilityBoundingSet,AmbientCapabilities
CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_setgid ...
AmbientCapabilities=(null)
↓
$ systemctl show systemd-journald -p CapabilityBoundingSet,AmbientCapabilities
CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_setgid ...
AmbientCapabilities=
Partially fixes #6511. Add some basic tests for the printing function.
| -rw-r--r-- | src/basic/cap-list.c | 8 | ||||
| -rw-r--r-- | src/test/test-cap-list.c | 15 |
2 files changed, 20 insertions, 3 deletions
diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c index 124641f940..2e9b2d9a55 100644 --- a/src/basic/cap-list.c +++ b/src/basic/cap-list.c @@ -86,15 +86,17 @@ int capability_set_to_string_alloc(uint64_t set, char **s) { add = strlen(p); - if (!GREEDY_REALLOC0(str, allocated, n + add + 2)) + if (!GREEDY_REALLOC(str, allocated, n + add + 2)) return -ENOMEM; strcpy(mempcpy(str + n, p, add), " "); n += add + 1; } - if (n != 0) - str[n - 1] = '\0'; + if (!GREEDY_REALLOC(str, allocated, n + 1)) + return -ENOMEM; + + str[n > 0 ? n - 1 : 0] = '\0'; /* truncate the last space, if it's there */ *s = str; str = NULL; diff --git a/src/test/test-cap-list.c b/src/test/test-cap-list.c index 4132ec56fd..c1af277f34 100644 --- a/src/test/test-cap-list.c +++ b/src/test/test-cap-list.c @@ -24,6 +24,7 @@ #include "capability-util.h" #include "fileio.h" #include "parse-util.h" +#include "string-util.h" #include "util.h" /* verify the capability parser */ @@ -102,10 +103,24 @@ static void test_last_cap_probe(void) { assert_se(p == cap_last_cap()); } +static void test_capability_set_to_string_alloc(void) { + _cleanup_free_ char *t1 = NULL, *t2 = NULL, *t3 = NULL; + + assert_se(capability_set_to_string_alloc(0u, &t1) == 0); + assert_se(streq(t1, "")); + + assert_se(capability_set_to_string_alloc(1u<<CAP_DAC_OVERRIDE, &t2) == 0); + assert_se(streq(t2, "cap_dac_override")); + + assert_se(capability_set_to_string_alloc(UINT64_C(1)<<CAP_CHOWN | UINT64_C(1)<<CAP_DAC_OVERRIDE | UINT64_C(1)<<CAP_DAC_READ_SEARCH | UINT64_C(1)<<CAP_FOWNER | UINT64_C(1)<<CAP_SETGID | UINT64_C(1)<<CAP_SETUID | UINT64_C(1)<<CAP_SYS_PTRACE | UINT64_C(1)<<CAP_SYS_ADMIN | UINT64_C(1)<<CAP_AUDIT_CONTROL | UINT64_C(1)<<CAP_MAC_OVERRIDE | UINT64_C(1)<<CAP_SYSLOG, &t3) == 0); + assert_se(streq(t3, "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_setgid cap_setuid cap_sys_ptrace cap_sys_admin cap_audit_control cap_mac_override cap_syslog")); +} + int main(int argc, char *argv[]) { test_cap_list(); test_last_cap_file(); test_last_cap_probe(); + test_capability_set_to_string_alloc(); return 0; } |