Blob Blame History Raw
From 044455df76969ad26dfdcfa186e5ce81beb5b527 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 10 Nov 2015 16:08:03 +0100
Subject: [PATCH] core: simplify parsing of capability bounding set settings

Let's generate a simple error, and that's it. Let's not try to be smart
and record the last word that failed.

Also, let's make sure we don't compare numeric values with 0 by relying
on C's downgrade-to-bool feature, as suggested in CODING_STYLE.

Cherry-picked from: 65dce26488030eff078c498673d5d93e3c87b6a1
Resolves: #1387398
---
 src/core/load-fragment.c | 42 +++++++++++++++++++-----------------------
 1 file changed, 19 insertions(+), 23 deletions(-)

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 4830d7ad6..ab3b0c2e9 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -1015,23 +1015,22 @@ int config_parse_exec_secure_bits(const char *unit,
         return 0;
 }
 
-int config_parse_bounding_set(const char *unit,
-                              const char *filename,
-                              unsigned line,
-                              const char *section,
-                              unsigned section_line,
-                              const char *lvalue,
-                              int ltype,
-                              const char *rvalue,
-                              void *data,
-                              void *userdata) {
+int config_parse_bounding_set(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
 
         uint64_t *capability_bounding_set_drop = data;
-        uint64_t capability_bounding_set;
+        uint64_t capability_bounding_set, sum = 0;
         bool invert = false;
-        uint64_t sum = 0;
-        const char *prev;
-        const char *cur;
+        const char *p;
 
         assert(filename);
         assert(lvalue);
@@ -1048,35 +1047,32 @@ int config_parse_bounding_set(const char *unit,
          * non-inverted everywhere to have a fully normalized
          * interface. */
 
-        prev = cur = rvalue;
+        p = rvalue;
         for (;;) {
                 _cleanup_free_ char *word = NULL;
-                int cap;
-                int r;
+                int cap, r;
 
-                r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES);
+                r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
                 if (r == 0)
                         break;
                 if (r == -ENOMEM)
                         return log_oom();
                 if (r < 0) {
-                        log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in bounding set, ignoring: %s", prev);
+                        log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse word, ignoring: %s", rvalue);
                         break;
                 }
 
                 cap = capability_from_name(word);
                 if (cap < 0) {
                         log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse capability in bounding set, ignoring: %s", word);
-                        prev = cur;
                         continue;
                 }
 
-                sum |= ((uint64_t) 1ULL) << (uint64_t) cap;
-                prev = cur;
+                sum |= ((uint64_t) UINT64_C(1)) << (uint64_t) cap;
         }
 
         capability_bounding_set = invert ? ~sum : sum;
-        if (*capability_bounding_set_drop && capability_bounding_set)
+        if (*capability_bounding_set_drop != 0 && capability_bounding_set != 0)
                 *capability_bounding_set_drop = ~(~*capability_bounding_set_drop | capability_bounding_set);
         else
                 *capability_bounding_set_drop = ~capability_bounding_set;