From d3d57baac0a08b164b6d6eccab65a1b74da0dae0 Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Sat, 26 Dec 2015 14:33:23 +0100 Subject: [PATCH 2/2] acl_get_perm: Check for contained perm bits in permset The expression in acl_get_perm is true if any single bit in perm matches a bit set in the permset. So if permset is r-x and perm is rw-, the expression is true, even though 'w' is not contained in permset. This patch fixes the expression to check if the input perm bits are actually contained in the permset. Signed-off-by: Corinna Vinschen --- libacl/acl_get_perm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libacl/acl_get_perm.c b/libacl/acl_get_perm.c index 31357b2..3f84df5 100644 --- a/libacl/acl_get_perm.c +++ b/libacl/acl_get_perm.c @@ -28,6 +28,6 @@ acl_get_perm(acl_permset_t permset_d, acl_perm_t perm) acl_permset_obj *acl_permset_obj_p = ext2int(acl_permset, permset_d); if (!acl_permset_obj_p || (perm & ~(ACL_READ|ACL_WRITE|ACL_EXECUTE))) return -1; - return (acl_permset_obj_p->sperm & perm) != 0; + return (~acl_permset_obj_p->sperm & perm) == 0; } -- 2.5.0