Add improvements

2024-07-12 04:19:26 -03:00 · 2024-07-12 04:19:26 -03:00 · 08cfdd1e81
commit 08cfdd1e81
parent 997115c08e
3 changed files with 21 additions and 13 deletions
--- a/lib/bsd/capsicum.rb
+++ b/lib/bsd/capsicum.rb
@ -55,15 +55,19 @@ module BSD::Capsicum
  #  Might raise a subclass of SystemCallError
  # @param [#to_i] io
  #  An IO object
-  # @param [Array<String>] rights
+  # @param [Array<String>] capabilities
  #  An allowed set of capabilities
  # @return [Boolean]
  #  Returns true when successful
-  def set_rights!(io, rights)
-    voidp = FFI.cap_rights_init(*rights)
-    FFI.cap_rights_limit(io.to_i, voidp).zero? ||
-    raise(SystemCallError.new("cap_rights_limit", Fiddle.last_error))
+  def set_rights!(io, capabilities)
+    rights = Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T)
+    FFI.cap_rights_init(rights, *capabilities)
+    if FFI.cap_rights_limit(io.to_i, rights).zero?
+      true
+    else
+      raise SystemCallError.new("cap_rights_limit", Fiddle.last_error)
+    end
  ensure
-    voidp.call_free
+    rights.call_free
  end
 end
--- a/lib/bsd/capsicum/constants.rb
+++ b/lib/bsd/capsicum/constants.rb
@ -91,5 +91,9 @@ module BSD::Capsicum
    CAP_FCHDIR         = 0x200000000000800
    CAP_FCNTL          = 0x200000000008000
    # @endgroup
+
+    # @group Sizes
+    SIZEOF_CAP_RIGHTS_T = 16
+    # @endgroup
  end
 end
--- a/lib/bsd/capsicum/ffi.rb
+++ b/lib/bsd/capsicum/ffi.rb
@ -47,19 +47,19 @@ module BSD::Capsicum
    ##
    # Provides a Ruby interface for cap_rights_init(2)
    # @see BSD::Capsicum::Constants See Constants for a full list of capabilities
-    # @param [Array<Integer>] rights
-    #  Allowed capabilities
+    # @param [Fiddle::Pointer] rights
+    #  A pointer to initialize the `cap_rights_t` structure
+    # @param [Array<Integer>] capabilities
+    #  An allowed set of capabilities
    # @return [Fiddle::Pointer]
    #  Returns a pointer to the structure `cap_rights_t`
-    def cap_rights_init(*rights)
-      voidp = Fiddle::Pointer.malloc(Fiddle::SIZEOF_VOIDP)
-      varargs = rights.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
+    def cap_rights_init(rights, *capabilities)
+      varargs = capabilities.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
      Fiddle::Function.new(
        libc["__cap_rights_init"],
        [INT, VOIDP, VARIADIC],
        VOIDP
-      ).call(CAP_RIGHTS_VERSION, voidp, *varargs)
-      voidp
+      ).call(CAP_RIGHTS_VERSION, rights, *varargs)
    end

    ##