* [ SEPOL 3 ] Improve/fix sepol_user_set_roles
@ 2005-10-31 11:04 Ivan Gyurdiev
2005-10-31 16:11 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Ivan Gyurdiev @ 2005-10-31 11:04 UTC (permalink / raw)
To: SELinux List; +Cc: Stephen Smalley
[-- Attachment #1: Type: text/plain, Size: 71 bytes --]
- fix set_roles to properly handle num_roles = 0
- simplify a bit...
[-- Attachment #2: libsepol.set_roles.diff --]
[-- Type: text/x-patch, Size: 1950 bytes --]
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude Makefile old/libsepol/src/user_record.c new/libsepol/src/user_record.c
--- old/libsepol/src/user_record.c 2005-10-31 05:49:40.000000000 -0500
+++ new/libsepol/src/user_record.c 2005-10-31 06:01:54.000000000 -0500
@@ -209,37 +209,41 @@ int sepol_user_set_roles(
size_t num_roles) {
size_t i;
+ char** tmp_roles = NULL;
+ char* tmp_def_role = NULL;
- /* First, make a copy */
- char** tmp_roles = (char**) calloc(1, sizeof(char*) * num_roles);
- if (!tmp_roles)
- goto omem;
+ if (num_roles > 0) {
- for (i = 0; i < num_roles; i++) {
- tmp_roles[i] = strdup(roles_arr[i]);
- if (!tmp_roles[i])
- goto omem;
- }
+ /* First, make a copy */
+ tmp_roles = (char**) calloc(1, sizeof(char*) * num_roles);
+ if (!tmp_roles)
+ goto omem;
- /* Try to set defrole - there should be no failures following
- * this call, since the old def role is not saved */
- if (sepol_user_set_defrole(handle, user, tmp_roles[0]) < 0)
- goto err;
+ for (i = 0; i < num_roles; i++) {
+ tmp_roles[i] = strdup(roles_arr[i]);
+ if (!tmp_roles[i])
+ goto omem;
+ }
+ tmp_def_role = strdup(tmp_roles[0]);
+ if (!tmp_def_role)
+ goto omem;
+ }
+
/* Apply other changes */
for (i = 0; i < user->num_roles; i++)
free(user->roles[i]);
free(user->roles);
+ free(user->def_role);
user->roles = tmp_roles;
user->num_roles = num_roles;
+ user->def_role = tmp_def_role;
+
return STATUS_SUCCESS;
omem:
- ERR(handle, "out of memory");
-
- err:
- ERR(handle, "could not "
- "allocate roles array for user %s", user->name);
+ ERR(handle, "out of memory, could not allocate roles array for"
+ "user %s", user->name);
if (tmp_roles) {
for (i = 0; i < num_roles; i++ ) {
@@ -247,8 +251,9 @@ int sepol_user_set_roles(
break;
free(tmp_roles[i]);
}
- free(tmp_roles);
}
+ free(tmp_roles);
+ free(tmp_def_role);
return STATUS_ERR;
}
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ SEPOL 3 ] Improve/fix sepol_user_set_roles
2005-10-31 11:04 [ SEPOL 3 ] Improve/fix sepol_user_set_roles Ivan Gyurdiev
@ 2005-10-31 16:11 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2005-10-31 16:11 UTC (permalink / raw)
To: Ivan Gyurdiev; +Cc: SELinux List
On Mon, 2005-10-31 at 06:04 -0500, Ivan Gyurdiev wrote:
> - fix set_roles to properly handle num_roles = 0
> - simplify a bit...
Merged all 5 patches (record interfaces, dbase flush, common database,
record bugfixes, set roles) as of libsepol 1.9.34 and libsemanage
1.3.39.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-10-31 16:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-31 11:04 [ SEPOL 3 ] Improve/fix sepol_user_set_roles Ivan Gyurdiev
2005-10-31 16:11 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.