From f9c6d862789eb5961502862882d2dc33eff854b8 Mon Sep 17 00:00:00 2001
From: Alice Frosi <afrosi@redhat.com>
Date: Mon, 16 Jan 2023 16:30:22 +0100
Subject: eater: add error handling

Check for errors for prctl and seccomp syscall.

Signed-off-by: Alice Frosi <afrosi@redhat.com>
---
 eater.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'eater.c')

diff --git a/eater.c b/eater.c
index e60a993..cd03b44 100644
--- a/eater.c
+++ b/eater.c
@@ -97,13 +97,19 @@ int main(int argc, char **argv)
 
 	prog.filter = filter;
 	prog.len = (unsigned short)(n / sizeof(filter[0]));
-	prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
-	fd = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_NEW_LISTENER,
-		     &prog);
+	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
+		perror("prctl");
+		exit(EXIT_FAILURE);
+	}
+	if ((fd = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_NEW_LISTENER,
+					&prog) < 0)) {
+		perror("seccomp");
+		exit(EXIT_FAILURE);
+	}
 
 	connect(0, NULL, 0); /* Wait for seitan to unblock this */
 	execvpe(argv[arguments.program_index], &argv[arguments.program_index],
-		environ);
+			environ);
 	if (errno != ENOENT) {
 		perror("execvpe");
 		exit(EXIT_FAILURE);
-- 
cgit v1.2.3