diff options
author | Paul Moore <paul@paul-moore.com> | 2020-05-19 19:01:24 -0400 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2020-06-16 11:21:28 -0400 |
commit | d0713af4184b9a0fb510c14b4f04d4d64be22bf6 (patch) | |
tree | f5a531c3490da7585209c99ac7b81de9f939d850 | |
parent | 3d44b15e40c79c3187afeb73292aa1fc909a4463 (diff) | |
download | libseccomp-d0713af4184b9a0fb510c14b4f04d4d64be22bf6.tar.gz |
api: use EINVAL to signify bad input to the libseccomp API
We need to limit our use of EINVAL to only indicate bad input to the
API functions. Bad input to internal functions is not a valid use
of EINVAL.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r-- | src/db.c | 4 | ||||
-rw-r--r-- | src/gen_bpf.c | 8 | ||||
-rw-r--r-- | src/gen_pfc.c | 2 | ||||
-rw-r--r-- | tests/11-basic-basic_errors.c | 4 |
4 files changed, 9 insertions, 9 deletions
@@ -1317,7 +1317,7 @@ int db_col_attr_get(const struct db_filter_col *col, *value = col->attr.optimize; break; default: - rc = -EEXIST; + rc = -EINVAL; break; } @@ -1403,7 +1403,7 @@ int db_col_attr_set(struct db_filter_col *col, } break; default: - rc = -EEXIST; + rc = -EINVAL; break; } diff --git a/src/gen_bpf.c b/src/gen_bpf.c index 55a7958..5e1aad5 100644 --- a/src/gen_bpf.c +++ b/src/gen_bpf.c @@ -1281,7 +1281,7 @@ static int _gen_bpf_insert(struct bpf_state *state, struct bpf_instr *instr, *insert = _blk_append(state, existing_blk, instr); if (*insert == NULL) - return -EINVAL; + return -ENOMEM; (*insert)->next = (*next); if (*next != NULL) (*next)->prev = (*insert); @@ -1949,9 +1949,6 @@ static int _gen_bpf_build_bpf(struct bpf_state *state, struct db_filter *db_secondary = NULL; struct arch_def pseudo_arch; - if (col->filter_cnt == 0) - return -EINVAL; - /* create a fake architecture definition for use in the early stages */ memset(&pseudo_arch, 0, sizeof(pseudo_arch)); pseudo_arch.endian = col->endian; @@ -2254,6 +2251,9 @@ struct bpf_program *gen_bpf_generate(const struct db_filter_col *col) struct bpf_state state; struct bpf_program *prgm; + if (col->filter_cnt == 0) + return NULL; + memset(&state, 0, sizeof(state)); state.attr = &col->attr; diff --git a/src/gen_pfc.c b/src/gen_pfc.c index 3c644c2..9d86e06 100644 --- a/src/gen_pfc.c +++ b/src/gen_pfc.c @@ -289,7 +289,7 @@ static int _get_bintree_syscall_num(const struct pfc_sys_list *cur, } if (cur == NULL) - return -EINVAL; + return -EFAULT; *num = cur->sys->num; return 0; diff --git a/tests/11-basic-basic_errors.c b/tests/11-basic-basic_errors.c index bb33f42..d3b2256 100644 --- a/tests/11-basic-basic_errors.c +++ b/tests/11-basic-basic_errors.c @@ -178,10 +178,10 @@ int main(int argc, char *argv[]) if (ctx == NULL) return -1; rc = seccomp_attr_get(ctx, 1000, &attr); - if (rc != -EEXIST) + if (rc != -EINVAL) return -1; rc = seccomp_attr_set(ctx, 1000, 1); - if (rc != -EEXIST) + if (rc != -EINVAL) return -1; return 0; |