From: Michael Orlitzky <michael@orlitzky.com>
Date: Fri, 23 Feb 2018 16:32:31 +0000 (-0500)
Subject: Have acl_execute_masked() take an acl_t rather than a path as its argument.
X-Git-Tag: v0.1.0~37
X-Git-Url: https://gitweb.michael.orlitzky.com/?p=apply-default-acl.git;a=commitdiff_plain;h=927c66a6c66bcbd69b62f07f4b937c5df9afab88

Have acl_execute_masked() take an acl_t rather than a path as its argument.

We only call acl_execute_masked() in one place; and in that place, the
ACL of the path in question is already available. So, there's no
reason for us to re-retrieve it. Instead, the function has been
updated to take an acl_t (and not a path), simplifing the logic a bit.
---

diff --git a/src/apply-default-acl.c b/src/apply-default-acl.c
index a496195..a3c28fb 100644
--- a/src/apply-default-acl.c
+++ b/src/apply-default-acl.c
@@ -371,29 +371,17 @@ int acl_is_minimal(acl_t* acl) {
 
 
 /**
- * @brief Determine whether the given path has an ACL whose mask
- *   denies execute.
+ * @brief Determine whether the given ACL's mask denies execute.
  *
- * @param path
- *   The path to check.
+ * @param acl
+ *   The ACL whose mask we want to check.
  *
  * @return
- *   - @c ACL_SUCCESS - @c path has a mask which denies execute.
- *   - @c ACL_FAILURE - The ACL for @c path does not deny execute,
- *     or @c path has no extended ACL at all.
+ *   - @c ACL_SUCCESS - The @c acl has a mask which denies execute.
+ *   - @c ACL_FAILURE - The @c acl has a mask which does not deny execute.
  *   - @c ACL_ERROR - Unexpected library error.
  */
-int acl_execute_masked(const char* path) {
-
-  acl_t acl = acl_get_file(path, ACL_TYPE_ACCESS);
-
-  if (acl == (acl_t)NULL) {
-    perror("acl_execute_masked (acl_get_file)");
-    return ACL_ERROR;
-  }
-
-  /* Our return value. */
-  int result = ACL_FAILURE;
+int acl_execute_masked(acl_t acl) {
 
   acl_entry_t entry;
   int ge_result = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry);
@@ -404,8 +392,7 @@ int acl_execute_masked(const char* path) {
 
     if (tag_result == ACL_ERROR) {
        perror("acl_execute_masked (acl_get_tag_type)");
-       result = ACL_ERROR;
-       goto cleanup;
+       return ACL_ERROR;
     }
 
     if (tag == ACL_MASK) {
@@ -416,15 +403,13 @@ int acl_execute_masked(const char* path) {
       int ps_result = acl_get_permset(entry, &permset);
       if (ps_result == ACL_ERROR) {
 	perror("acl_execute_masked (acl_get_permset)");
-	result = ACL_ERROR;
-	goto cleanup;
+	return ACL_ERROR;
       }
 
       int gp_result = acl_get_perm(permset, ACL_EXECUTE);
       if (gp_result == ACL_ERROR) {
 	perror("acl_execute_masked (acl_get_perm)");
-	result = ACL_ERROR;
-	goto cleanup;
+	return ACL_ERROR;
       }
 
       if (gp_result == ACL_FAILURE) {
@@ -436,9 +421,7 @@ int acl_execute_masked(const char* path) {
     ge_result = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry);
   }
 
- cleanup:
-  acl_free(acl);
-  return result;
+  return ACL_FAILURE;
 }
 
 
@@ -533,7 +516,7 @@ int any_can_execute_or_dir(const char* path) {
 
     if (gp_result == ACL_SUCCESS) {
       /* Only return ACL_SUCCESS if this execute bit is not masked. */
-      if (acl_execute_masked(path) != ACL_SUCCESS) {
+      if (acl_execute_masked(acl) != ACL_SUCCESS) {
 	result = ACL_SUCCESS;
 	goto cleanup;
       }