From 08cfdd1e8153cfd3b7b24900e4086c01e326915b Mon Sep 17 00:00:00 2001
From: 0x1eef <0x1eef@protonmail.com>
Date: Fri, 12 Jul 2024 04:19:26 -0300
Subject: [PATCH] Add improvements
---
 lib/bsd/capsicum.rb | 16 ++++++++++------
 lib/bsd/capsicum/constants.rb | 4 ++++
 lib/bsd/capsicum/ffi.rb | 14 +++++++-------
 3 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/lib/bsd/capsicum.rb b/lib/bsd/capsicum.rb
index e22a2c4..9b65a84 100644
--- a/lib/bsd/capsicum.rb
+++ b/lib/bsd/capsicum.rb
@@ -55,15 +55,19 @@ module BSD::Capsicum
 # Might raise a subclass of SystemCallError
 # @param [#to_i] io
 # An IO object
- # @param [Array] rights
+ # @param [Array] capabilities
 # An allowed set of capabilities
 # @return [Boolean]
 # Returns true when successful
- def set_rights!(io, rights)
- voidp = FFI.cap_rights_init(*rights)
- FFI.cap_rights_limit(io.to_i, voidp).zero? ||
- raise(SystemCallError.new("cap_rights_limit", Fiddle.last_error))
+ def set_rights!(io, capabilities)
+ rights = Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T)
+ FFI.cap_rights_init(rights, *capabilities)
+ if FFI.cap_rights_limit(io.to_i, rights).zero?
+ true
+ else
+ raise SystemCallError.new("cap_rights_limit", Fiddle.last_error)
+ end
 ensure
- voidp.call_free
+ rights.call_free
 end
 end
diff --git a/lib/bsd/capsicum/constants.rb b/lib/bsd/capsicum/constants.rb
index 5841806..33ef17e 100644
--- a/lib/bsd/capsicum/constants.rb
+++ b/lib/bsd/capsicum/constants.rb
@@ -91,5 +91,9 @@ module BSD::Capsicum
 CAP_FCHDIR = 0x200000000000800
 CAP_FCNTL = 0x200000000008000
 # @endgroup
+
+ # @group Sizes
+ SIZEOF_CAP_RIGHTS_T = 16
+ # @endgroup
 end
 end
diff --git a/lib/bsd/capsicum/ffi.rb b/lib/bsd/capsicum/ffi.rb
index 3d9d16b..65ab8b0 100644
--- a/lib/bsd/capsicum/ffi.rb
+++ b/lib/bsd/capsicum/ffi.rb
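Review bot: In `set_rights!` (lib/bsd/capsicum.rb) the buffer comes from `Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T)` with no free function, and as far as I know `Fiddle::Pointer#call_free` only runs a free function that was registered at allocation, so the `ensure` clause would release nothing and every call would leak the structure. Registering one, `rights = Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T, Fiddle::RUBY_FREE)`, would make `call_free` effective. The allocation also sits inside the region guarded by `ensure`, so if `malloc` raises, `rights` is nil and `rights.call_free` raises NoMethodError in place of the original error; `rights&.call_free` avoids that.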
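Review bot: `SIZEOF_CAP_RIGHTS_T = 16` in lib/bsd/capsicum/constants.rb is a bare number that sizes the buffer libc writes into, and nothing on the line ties it to the structure layout. As I understand FreeBSD's sys/capsicum.h, `cap_rights_t` holds `CAP_RIGHTS_VERSION + 2` 64-bit words, so 16 is correct only while the version passed to `__cap_rights_init` is 0; raising the version without touching this constant would let libc write past the allocation. I would add a comment such as `# sizeof(cap_rights_t) for CAP_RIGHTS_VERSION 0: uint64_t cr_rights[CAP_RIGHTS_VERSION + 2]`, or derive the value from the version constant if that constant is in scope in this file.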
@@ -47,19 +47,19 @@ module BSD::Capsicum
 ##
 # Provides a Ruby interface for cap_rights_init(2)
 # @see BSD::Capsicum::Constants See Constants for a full list of capabilities
- # @param [Array] rights
- # Allowed capabilities
+ # @param [Fiddle::Pointer] rights
+ # A pointer to initialize the `cap_rights_t` structure
+ # @param [Array] capabilities
+ # An allowed set of capabilities
 # @return [Fiddle::Pointer]
 # Returns a pointer to the structure `cap_rights_t`
- def cap_rights_init(*rights)
- voidp = Fiddle::Pointer.malloc(Fiddle::SIZEOF_VOIDP)
- varargs = rights.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
+ def cap_rights_init(rights, *capabilities)
+ varargs = capabilities.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
 Fiddle::Function.new(
 libc["__cap_rights_init"],
 [INT, VOIDP, VARIADIC],
 VOIDP
- ).call(CAP_RIGHTS_VERSION, voidp, *varargs)
- voidp
+ ).call(CAP_RIGHTS_VERSION, rights, *varargs)
 end
 
 ##
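Review bot: The argument list built in `cap_rights_init` ends with the last capability and carries no terminating zero: `.call(CAP_RIGHTS_VERSION, rights, *varargs)`. As far as I know the C `cap_rights_init()` macro appends a `0ULL` sentinel before it calls `__cap_rights_init`, and the libc function reads variadic arguments until it meets that sentinel, so calling the underscored symbol directly without it leaves the read running into unrelated values and the resulting rights set may be wider than requested, or the call may fail. Unless the sentinel is supplied somewhere outside this hunk, I would end the call with `).call(CAP_RIGHTS_VERSION, rights, *varargs, ULONG_LONG, 0)`. Separately, `Constants.const_get(_1)` accepts any constant name, which now includes `SIZEOF_CAP_RIGHTS_T`, so checking that the symbol starts with `CAP_` before resolving it would keep non-capability values out of the rights mask.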