diff -ru a/src/cap-ng.c b/src/cap-ng.c
--- a/src/cap-ng.c
+++ b/src/cap-ng.c
@@ -46,7 +46,7 @@
#endif
# define hidden __attribute__ ((visibility ("hidden")))
-int last_cap hidden = -1;
+unsigned int last_cap hidden = 0;
/*
* Some milestones of when things became available:
* 2.6.24 kernel XATTR_NAME_CAPS
@@ -65,7 +65,7 @@
// Local defines
#define MASK(x) (1U << (x))
#ifdef PR_CAPBSET_DROP
-#define UPPER_MASK ~(unsigned)((~0U)<<(last_cap-31))
+#define UPPER_MASK ~((~0U)<<(last_cap-31))
#else
// For v1 systems UPPER_MASK will never be used
#define UPPER_MASK (unsigned)(~0U)
@@ -73,7 +73,7 @@
// Re-define cap_valid so its uniform between V1 and V3
#undef cap_valid
-#define cap_valid(x) ((x) <= (unsigned int)last_cap)
+#define cap_valid(x) ((x) <= last_cap)
// If we don't have the xattr library, then we can't
// compile-in file system capabilities
@@ -174,6 +174,26 @@
#ifdef HAVE_PTHREAD_H
pthread_atfork(NULL, NULL, deinit);
#endif
+ // Detect last cap
+ if (last_cap == 0) {
+ int fd;
+
+ fd = open("/proc/sys/kernel/cap_last_cap", O_RDONLY);
+ if (fd >= 0) {
+ char buf[8];
+ int num = read(fd, buf, sizeof(buf) - 1);
+ if (num > 0) {
+ buf[num] = 0;
+ errno = 0;
+ unsigned int val = strtoul(buf, NULL, 10);
+ if (errno == 0)
+ last_cap = val;
+ }
+ close(fd);
+ }
+ if (last_cap == 0)
+ last_cap = CAP_LAST_CAP;
+ }
}
static void init(void)
@@ -199,26 +219,6 @@
#else
m.hdr.pid = (unsigned)getpid();
#endif
- // Detect last cap
- if (last_cap == -1) {
- int fd;
-
- fd = open("/proc/sys/kernel/cap_last_cap", O_RDONLY);
- if (fd >= 0) {
- char buf[8];
- int num = read(fd, buf, sizeof(buf) - 1);
- if (num > 0) {
- buf[num] = 0;
- errno = 0;
- int val = strtoul(buf, NULL, 10);
- if (errno == 0)
- last_cap = val;
- }
- close(fd);
- }
- if (last_cap == -1)
- last_cap = CAP_LAST_CAP;
- }
m.state = CAPNG_ALLOCATED;
}
@@ -478,7 +478,7 @@
if (CAPNG_INHERITABLE & type)
v1_update(action, capability, &m.data.v1.inheritable);
} else {
- int idx;
+ unsigned int idx;
if (capability > 31) {
idx = capability>>5;
@@ -545,7 +545,7 @@
memcpy(&state, &m, sizeof(state)); /* save state */
capng_get_caps_process();
if (capng_have_capability(CAPNG_EFFECTIVE, CAP_SETPCAP)) {
- int i;
+ unsigned int i;
memcpy(&m, &state, sizeof(m)); /* restore state */
rc = 0;
for (i=0; i <= last_cap && rc == 0; i++)
@@ -602,7 +602,7 @@
#ifndef VFS_CAP_U32
return -1;
#else
- int rc, size;
+ int rc, size = 0;
struct vfs_cap_data filedata;
struct stat buf;
@@ -1010,7 +1010,7 @@
char *capng_print_caps_text(capng_print_t where, capng_type_t which)
{
- int i, once = 0, cnt = 0;
+ unsigned int i, once = 0, cnt = 0;
char *ptr = NULL;
if (m.state < CAPNG_INIT)
diff -ru a/src/lookup_table.c b/src/lookup_table.c
--- a/src/lookup_table.c
+++ b/src/lookup_table.c
@@ -29,10 +29,10 @@
#define hidden __attribute__ ((visibility ("hidden")))
-extern int last_cap hidden;
+extern unsigned int last_cap hidden;
#undef cap_valid
-#define cap_valid(x) ((x) <= (unsigned int)last_cap)
+#define cap_valid(x) ((x) <= last_cap)
struct transtab {
diff -ru a/src/test/lib_test.c b/src/test/lib_test.c
--- a/src/test/lib_test.c
+++ b/src/test/lib_test.c
@@ -29,7 +29,7 @@
#include <fcntl.h>
#include <sys/stat.h>
-int get_last_cap(void)
+static unsigned int get_last_cap(void)
{
int fd;
@@ -41,17 +41,19 @@
int num = read(fd, buf, sizeof(buf));
if (num > 0) {
errno = 0;
- int val = strtoul(buf, NULL, 10);
+ unsigned int val = strtoul(buf, NULL, 10);
if (errno == 0)
return val;
}
+ close(fd);
}
return CAP_LAST_CAP;
}
int main(void)
{
- int rc, i, len, last = get_last_cap();
+ int rc;
+ unsigned int i, len, last = get_last_cap();
char *text;
void *saved;
@@ -127,7 +129,7 @@
abort();
}
name = capng_capability_to_name(i);
- if (name == NULL) {
+ if (name == NULL) {
printf("Failed converting capability %d to name\n", i);
abort();
}