char **options;
} oci_mount_data;
-static void cleanup_oci_mount_data(oci_mount_data *data) {
+static void oci_mount_data_done(oci_mount_data *data) {
free(data->destination);
free(data->source);
- strv_free(data->options);
free(data->type);
+ strv_free(data->options);
}
+DEFINE_TRIVIAL_DESTRUCTOR(oci_mount_data_donep, oci_mount_data, oci_mount_data_done);
+
static int oci_mounts(const char *name, JsonVariant *v, JsonDispatchFlags flags, void *userdata) {
Settings *s = ASSERT_PTR(userdata);
JsonVariant *e;
};
_cleanup_free_ char *joined_options = NULL;
+ _cleanup_(oci_mount_data_donep) oci_mount_data data = {};
CustomMount *m;
- _cleanup_(cleanup_oci_mount_data) oci_mount_data data = {};
r = json_dispatch(e, table, oci_unexpected, flags, &data);
if (r < 0)
return 0;
}
+struct namespace_data {
+ unsigned long type;
+ char *path;
+};
+
+static void namespace_data_done(struct namespace_data *p) {
+ assert(p);
+
+ free(p->path);
+}
+
+DEFINE_TRIVIAL_DESTRUCTOR(namespace_data_donep, struct namespace_data, namespace_data_done);
+
static int oci_namespaces(const char *name, JsonVariant *v, JsonDispatchFlags flags, void *userdata) {
Settings *s = ASSERT_PTR(userdata);
unsigned long n = 0;
int r;
JSON_VARIANT_ARRAY_FOREACH(e, v) {
-
- struct namespace_data {
- unsigned long type;
- char *path;
- } data = {};
+ _cleanup_(namespace_data_donep) struct namespace_data data = {};
static const JsonDispatch table[] = {
{ "type", JSON_VARIANT_STRING, oci_namespace_type, offsetof(struct namespace_data, type), JSON_MANDATORY },
};
r = json_dispatch(e, table, oci_unexpected, flags, &data);
- if (r < 0) {
- free(data.path);
+ if (r < 0)
return r;
- }
if (data.path) {
- if (data.type != CLONE_NEWNET) {
- free(data.path);
+ if (data.type != CLONE_NEWNET)
return json_log(e, flags, SYNTHETIC_ERRNO(EOPNOTSUPP),
"Specifying namespace path for non-network namespace is not supported.");
- }
- if (s->network_namespace_path) {
- free(data.path);
+ if (s->network_namespace_path)
return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL),
"Network namespace path specified more than once, refusing.");
- }
- free(s->network_namespace_path);
- s->network_namespace_path = data.path;
+ free_and_replace(s->network_namespace_path, data.path);
}
if (FLAGS_SET(n, data.type))
size_t n_arguments;
};
-static void syscall_rule_free(struct syscall_rule *rule) {
+static void syscall_rule_done(struct syscall_rule *rule) {
assert(rule);
strv_free(rule->names);
free(rule->arguments);
};
+DEFINE_TRIVIAL_DESTRUCTOR(syscall_rule_donep, struct syscall_rule, syscall_rule_done);
+
static int oci_seccomp_action(const char *name, JsonVariant *v, JsonDispatchFlags flags, void *userdata) {
uint32_t *action = ASSERT_PTR(userdata);
int r;
{ "args", JSON_VARIANT_ARRAY, oci_seccomp_args, 0, 0 },
{}
};
- struct syscall_rule rule = {
+ _cleanup_(syscall_rule_donep) struct syscall_rule rule = {
.action = UINT32_MAX,
};
r = json_dispatch(e, table, oci_unexpected, flags, &rule);
if (r < 0)
- goto fail_rule;
+ return r;
if (strv_isempty(rule.names)) {
json_log(e, flags, 0, "System call name list is empty.");
- r = -EINVAL;
- goto fail_rule;
+ return -EINVAL;
}
STRV_FOREACH(i, rule.names) {
r = seccomp_rule_add_array(sc, rule.action, nr, rule.n_arguments, rule.arguments);
if (r < 0)
- goto fail_rule;
+ return r;
}
-
- syscall_rule_free(&rule);
- continue;
-
- fail_rule:
- syscall_rule_free(&rule);
- return r;
}
return 0;