X-Git-Url: http://gitweb.michael.orlitzky.com/?p=apply-default-acl.git;a=blobdiff_plain;f=src%2Flibadacl.c;h=a21aa709ba842bc7bd21aa672b99b4e3cb750cf0;hp=956063aa75ad0f4a5584fb5e3f22d0ea91f04b5f;hb=HEAD;hpb=94a6d5e4af8ca45916d1f576b51eb7fd688d00be diff --git a/src/libadacl.c b/src/libadacl.c index 956063a..a21aa70 100644 --- a/src/libadacl.c +++ b/src/libadacl.c @@ -14,6 +14,7 @@ #include /* EINVAL, ELOOP, ENOTDIR, etc. */ #include /* openat() */ #include /* basename(), dirname() */ +#include /* PATH_MAX */ #include /* the "bool" type */ #include /* perror(), asprintf() */ #include /* free() */ @@ -309,13 +310,20 @@ int acl_update_entry(acl_t aclp, acl_entry_t updated_entry) { } } - /* Otherwise, we have to have matching UIDs or GIDs. */ - if (updated_tag == ACL_USER) { + /* Second, they could have matching UIDs. We don't really need to + check both tags here, since we know that they're equal. However, + clang-tidy can't figure that out, and the redundant equality + check prevents it from complaining about a potential null pointer + dereference. */ + if (updated_tag == ACL_USER && existing_tag == ACL_USER) { qualifiers_match = ( *((uid_t*)existing_qualifier) == *((uid_t*)updated_qualifier) ); } - else if (updated_tag == ACL_GROUP) { + + /* Third, they could have matching GIDs. See above for why + we check the redundant condition existing_tag == ACL_GROUP. */ + if (updated_tag == ACL_GROUP && existing_tag == ACL_GROUP) { qualifiers_match = ( *((gid_t*)existing_qualifier) == *((gid_t*)updated_qualifier) ); @@ -332,7 +340,7 @@ int acl_update_entry(acl_t aclp, acl_entry_t updated_entry) { goto cleanup; } - result = ACL_SUCCESS; + result = ACL_SUCCESS; goto cleanup; } }