diff options
author | Lennart Poettering <lennart@poettering.net> | 2019-06-20 14:44:47 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2019-06-20 14:55:24 +0200 |
commit | 4a33a02e994c8002a7eac75c02494becb1a4d4f8 (patch) | |
tree | 7aa8fe81ee013026b79c5c7a76cb1f42b4368c55 | |
parent | 9af2820694e1b2d409ed35cf0bca00acab0bdec5 (diff) | |
download | systemd-4a33a02e994c8002a7eac75c02494becb1a4d4f8.tar.gz |
capability: fix loops for cap_last_cap()
cap_last_cap() returns the last valid cap (instead of the number of
valid caps). to iterate through all known caps we hence need to use a <=
check, and not a < check like for all other cases. We got this right
usually, but in three cases we did not.
-rw-r--r-- | src/basic/cap-list.c | 2 | ||||
-rw-r--r-- | src/basic/capability-util.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c index 29a17d9320..2c0b7416a4 100644 --- a/src/basic/cap-list.c +++ b/src/basic/cap-list.c @@ -62,7 +62,7 @@ int capability_set_to_string_alloc(uint64_t set, char **s) { assert(s); - for (i = 0; i < cap_last_cap(); i++) + for (i = 0; i <= cap_last_cap(); i++) if (set & (UINT64_C(1) << i)) { const char *p; size_t add; diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c index 2a9c3b80f8..e3ed14f806 100644 --- a/src/basic/capability-util.c +++ b/src/basic/capability-util.c @@ -90,7 +90,7 @@ int capability_update_inherited_set(cap_t caps, uint64_t set) { /* Add capabilities in the set to the inherited caps. Do not apply * them yet. */ - for (i = 0; i < cap_last_cap(); i++) { + for (i = 0; i <= cap_last_cap(); i++) { if (set & (UINT64_C(1) << i)) { cap_value_t v; @@ -126,7 +126,7 @@ int capability_ambient_set_apply(uint64_t set, bool also_inherit) { return -errno; } - for (i = 0; i < cap_last_cap(); i++) { + for (i = 0; i <= cap_last_cap(); i++) { if (set & (UINT64_C(1) << i)) { |