From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 24 May 2018 11:42:47 +0000 (+0200)
Subject: seccomp: get_v2_default_action()
X-Git-Tag: lxc-3.1.0~291^2~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30448a13abc70e4de7578bf8ca4a26a58655b0ea;p=thirdparty%2Flxc.git

seccomp: get_v2_default_action()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 1e754db22..aae1921b4 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -71,20 +71,26 @@ static uint32_t get_v2_default_action(char *line)
 
 	while (*line == ' ')
 		line++;
+
 	/* After 'whitelist' or 'blacklist' comes default behavior. */
-	if (strncmp(line, "kill", 4) == 0)
+	if (strncmp(line, "kill", 4) == 0) {
 		ret_action = SCMP_ACT_KILL;
-	else if (strncmp(line, "errno", 5) == 0) {
-		int e;
-		if (sscanf(line + 5, "%d", &e) != 1) {
-			ERROR("Bad errno value in %s", line);
+	} else if (strncmp(line, "errno", 5) == 0) {
+		int e, ret;
+
+		ret = sscanf(line + 5, "%d", &e);
+		if (ret != 1) {
+			ERROR("Failed to parse errno value from %s", line);
 			return -2;
 		}
+
 		ret_action = SCMP_ACT_ERRNO(e);
-	} else if (strncmp(line, "allow", 5) == 0)
+	} else if (strncmp(line, "allow", 5) == 0) {
 		ret_action = SCMP_ACT_ALLOW;
-	else if (strncmp(line, "trap", 4) == 0)
+	} else if (strncmp(line, "trap", 4) == 0) {
 		ret_action = SCMP_ACT_TRAP;
+	}
+
 	return ret_action;
 }