diff options
author | Guido Günther <agx@sigxcpu.org> | 2013-04-01 13:01:27 +0200 |
---|---|---|
committer | Guido Günther <agx@sigxcpu.org> | 2013-04-01 13:01:27 +0200 |
commit | 95adca0059888a2aa16cd9330cfa7cc22b8cf11f (patch) | |
tree | c19f64b014cf59b50e9074005efc9cedee2c809d /cfg.mk | |
parent | 38c4d9a9e76351aa84be4c4cfd85faf0c016575a (diff) |
New upstream version 1.0.4
Diffstat (limited to 'cfg.mk')
-rw-r--r-- | cfg.mk | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -389,6 +389,12 @@ sc_prohibit_setuid: halt='use virSetUIDGID, not raw set*id' \ $(_sc_search_regexp) +# Don't compare *id_t against raw -1. +sc_prohibit_risky_id_promotion: + @prohibit='\b(user|group|[ug]id) *[=!]= *-' \ + halt='cast -1 to ([ug]id_t) before comparing against id' \ + $(_sc_search_regexp) + # Use snprintf rather than s'printf, even if buffer is provably large enough, # since gnulib has more guarantees for snprintf portability sc_prohibit_sprintf: |