From 056c4051db8edb4bbcc9c87ececfe8517ae1e53a Mon Sep 17 00:00:00 2001 From: Daksh Date: Sun, 15 Jun 2025 18:03:44 +0530 Subject: [PATCH] Suggestion for improvement Signed-off-by: Daksh --- INSPECTION.md | 11 +++++++++++ main.c | 12 +++++++----- 2 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 INSPECTION.md diff --git a/INSPECTION.md b/INSPECTION.md new file mode 100644 index 0000000..8d38c16 --- /dev/null +++ b/INSPECTION.md @@ -0,0 +1,11 @@ +Code Inspection +The structure of the code is clear, the function names suggest its purpose and makes it a readable code. + +The code is modular and separated in different files based on the functionality of the task like reading header, filter and filtering. + +Improvements: + +1. It is always better to gracefully handle errors rather than panicing, so the UX doesn't break. +2. There should be tests, so including tests would help the user to understand the working of code and check for its robustness. +3. If something is must, then const should be used in order to access them across the code faster. +4. The files which opens should always be closed, so calling a destructor would be better using RAII pattern. diff --git a/main.c b/main.c index 98999c3..3d14666 100644 --- a/main.c +++ b/main.c @@ -2,18 +2,20 @@ #include "seccomp.h" -int main(int argc, char **argv) { - if (argc != 2) { +int main(int argc, char **argv) +{ + if (argc != 2) + { die("needs seccomp profile as first argument"); } - struct sock_fprog prog_allow = { 0 }; + struct sock_fprog prog_allow = {0}; struct sc_seccomp_file_header hdr = {0}; const char *profile_path = argv[1]; - FILE *file = sc_must_read_and_validate_header_from_file(profile_path, &hdr); + FILE *file = sc_must_read_and_validate_header_from_file(profile_path, &hdr); sc_must_read_filter_from_file(file, hdr.len_filter, &prog_allow); - sc_apply_seccomp_filter(&prog_allow); + fclose(file); }