src/daemon/common.c: avoid using private structs from <linux/capability.h>

diff --git a/src/daemon/common.c b/src/daemon/common.c
index 7656191..a522759 100644 (file)
--- a/src/daemon/common.c
+++ b/src/daemon/common.c
@@ -1677,23 +1677,42 @@ void strarray_free (char **array, size_t array_len) /* {{{ */
 int check_capability (int capability) /* {{{ */
 {
 #ifdef _LINUX_CAPABILITY_VERSION_3
-       struct __user_cap_header_struct cap_header_data;
-       cap_user_header_t cap_header = &cap_header_data;
-       struct __user_cap_data_struct cap_data_data;
-       cap_user_data_t cap_data = &cap_data_data;
+       cap_user_header_t cap_header = calloc(sizeof (*cap_header), 1);
+       if (cap_header == NULL)
+       {
+               ERROR("check_capability: calloc failed");
+               return (-1);
+       }
+
+       cap_user_data_t cap_data = calloc(sizeof (*cap_data), 1);
+       if (cap_data == NULL)
+       {
+               ERROR("check_capability: calloc failed");
+               return (-1);
+       }
 
        cap_header->pid = getpid();
        cap_header->version = _LINUX_CAPABILITY_VERSION;
        if (capget(cap_header, cap_data) < 0)
        {
                ERROR("check_capability: capget failed");
+               sfree(cap_header);
+               sfree(cap_data);
                return (-1);
        }
 
        if ((cap_data->effective & (1 << capability)) == 0)
+       {
+               sfree(cap_header);
+               sfree(cap_data);
                return (-1);
+       }
        else
+       {
+               sfree(cap_header);
+               sfree(cap_data);
                return (0);
+       }
 #else
        WARNING ("check_capability: unsupported capability implementation. "
            "Some plugin(s) may require elevated privileges to work properly.");