From 7474b5b33f15e7769608df2a36f7f86274028c01 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Fri, 25 May 2018 12:07:12 +0200
Subject: [PATCH] seccomp: error on unrecognized actions

Be more strict about unrecognized actions. Previously the
parser would happily accept lines with typos like:

  kexec_load errrno 1

(note the extra 'r')

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
 src/lxc/seccomp.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 44862983c..4ae981203 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -114,6 +114,9 @@ static uint32_t get_v2_default_action(char *line)
 		ret_action = SCMP_ACT_ALLOW;
 	} else if (strncmp(line, "trap", 4) == 0) {
 		ret_action = SCMP_ACT_TRAP;
+	} else if (line[0]) {
+		ERROR("Unrecognized seccomp action: %s", line);
+		return -2;
 	}
 
 	return ret_action;
-- 
2.47.2