From 42a4fdebfdbdbbdfec01107fd384d1bf2bc658e5 Mon Sep 17 00:00:00 2001
From: Nick Peng
Date: Tue, 15 Nov 2022 22:39:36 +0800
Subject: [PATCH] smartdns: fix setcap crash issue.
---
 src/smartdns.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/smartdns.c b/src/smartdns.c
index 0ec6b3c..de2c6c8 100644
--- a/src/smartdns.c
+++ b/src/smartdns.c
@@ -99,7 +99,7 @@ out:

 static int drop_root_privilege(void)
 {
- struct __user_cap_data_struct cap;
+ struct __user_cap_data_struct cap[2];
 struct __user_cap_header_struct header;
 #ifdef _LINUX_CAPABILITY_VERSION_3
 header.version = _LINUX_CAPABILITY_VERSION_3;
@@ -115,16 +115,20 @@ static int drop_root_privilege(void)
 return -1;
 }

- if (capget(&header, &cap) < 0) {
+ memset(cap, 0, sizeof(cap));
+ if (capget(&header, cap) < 0) {
 return -1;
 }

 prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
- cap.effective |= (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN);
- cap.permitted |= (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN);
+ for (int i = 0; i < 2; i++) {
+ cap[i].effective = (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN | 1 << CAP_NET_BIND_SERVICE);
+ cap[i].permitted = (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN | 1 << CAP_NET_BIND_SERVICE);
+ }
+
 unused = setgid(gid);
 unused = setuid(uid);
- if (capset(&header, &cap) < 0) {
+ if (capset(&header, cap) < 0) {
 return -1;
 }
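Review bot: The bare `2` in `struct __user_cap_data_struct cap[2];` (hunk `@@ -99,7 +99,7 @@`) is unexplained, although it is the substance of the crash fix: with `_LINUX_CAPABILITY_VERSION_3` in the header, capget() and capset() read and write two data structs, so the former single struct was presumably overrun on the stack. A comment on the declaration such as `/* v3 capability ABI uses two 32-bit sets: [0] = caps 0-31, [1] = caps 32-63 */` would keep a later cleanup from shrinking it again, and where the v3 header is in use `_LINUX_CAPABILITY_U32S_3` names the same count. The `#else` branch of the version selection and the rest of drop_root_privilege lie outside this hunk, so the fallback version cannot be checked from here.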
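Review bot: The loop added in hunk `@@ -115,16 +115,20 @@` writes the same mask into `cap[1]` as into `cap[0]`, but `cap[1]` holds capabilities 32-63, so bits 10, 12 and 13 there name capabilities 42, 44 and 45 rather than the three network capabilities. Those numbers are unassigned in current kernel headers as far as I know, so the kernel probably ignores them today, yet the process would keep whatever they come to mean on a later kernel, which works against the privilege drop. Set only the first element and leave the second cleared: `cap[0].effective = cap[0].permitted = (1 << CAP_NET_RAW | 1 << CAP_NET_ADMIN | 1 << CAP_NET_BIND_SERVICE);` and `cap[1].effective = cap[1].permitted = 0;`. Since `=` now replaces `|=`, `inheritable` is the only field still taken from capget() and could be zeroed as well. On the unchanged lines the results of `setgid`/`setuid` are discarded into `unused`, so a failed identity switch would go unnoticed; the function continues past the end of the hunk.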