From ccf8d128e43076d96ab8509a42dfb7bb2133ae59 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Thu, 24 May 2018 13:35:01 +0200 Subject: [PATCH] seccomp: parse_config_v1() Signed-off-by: Christian Brauner --- src/lxc/seccomp.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c index c7b8c1219..817b53633 100644 --- a/src/lxc/seccomp.c +++ b/src/lxc/seccomp.c @@ -23,9 +23,9 @@ #define _GNU_SOURCE #include +#include #include #include -#include #include #include @@ -38,25 +38,30 @@ lxc_log_define(lxc_seccomp, lxc); static int parse_config_v1(FILE *f, struct lxc_conf *conf) { - char line[1024]; - int ret; + int ret = 0; + size_t line_bufsz = 0; + char *line = NULL; - while (fgets(line, 1024, f)) { + while (getline(&line, &line_bufsz, f) != -1) { int nr; + ret = sscanf(line, "%d", &nr); if (ret != 1) return -1; - ret = seccomp_rule_add( + #if HAVE_SCMP_FILTER_CTX - conf->seccomp_ctx, + ret = seccomp_rule_add(conf->seccomp_ctx, SCMP_ACT_ALLOW, nr, 0); +#else + ret = seccomp_rule_add(SCMP_ACT_ALLOW, nr, 0); #endif - SCMP_ACT_ALLOW, nr, 0); if (ret < 0) { ERROR("Failed loading allow rule for %d", nr); - return ret; + break; } } - return 0; + free(line); + + return ret; } #if HAVE_DECL_SECCOMP_SYSCALL_RESOLVE_NAME_ARCH
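Review bot: The `return -1` kept after the `sscanf()` check in the second hunk (`parse_config_v1`) now leaks the buffer that `getline()` allocated, because it bypasses the new `free(line)`. The `seccomp_rule_add()` failure path was switched to `break` for that reason, and the parse failure should follow suit: `if (ret != 1) { ret = -1; break; }`. Separately, `getline()` returns -1 on both EOF and a read error, so an I/O failure mid-file leaves `ret == 0` and a partly loaded allowlist is reported as success. Checking `ferror(f)` after the loop and returning an error would make that case fail loudly rather than start the container with a policy that differs from the file. It may also be worth a short comment above the loop noting that `line` is owned by this function and released on every exit path.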