* [ SEPOL 3 ] Improve/fix sepol_user_set_roles
@ 2005-10-31 11:04 Ivan Gyurdiev
From: Ivan Gyurdiev @ 2005-10-31 11:04 UTC
To: SELinux List; +Cc: Stephen Smalley
[-- Attachment #1: Type: text/plain, Size: 71 bytes --]
- fix set_roles to properly handle num_roles = 0
- simplify a bit...
[-- Attachment #2: libsepol.set_roles.diff --]
[-- Type: text/x-patch, Size: 1950 bytes --]
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude Makefile old/libsepol/src/user_record.c new/libsepol/src/user_record.c
--- old/libsepol/src/user_record.c 2005-10-31 05:49:40.000000000 -0500
+++ new/libsepol/src/user_record.c 2005-10-31 06:01:54.000000000 -0500
@@ -209,37 +209,41 @@ int sepol_user_set_roles(
size_t num_roles) {
size_t i;
+ char** tmp_roles = NULL;
+ char* tmp_def_role = NULL;
- /* First, make a copy */
- char** tmp_roles = (char**) calloc(1, sizeof(char*) * num_roles);
- if (!tmp_roles)
- goto omem;
+ if (num_roles > 0) {
- for (i = 0; i < num_roles; i++) {
- tmp_roles[i] = strdup(roles_arr[i]);
- if (!tmp_roles[i])
- goto omem;
- }
+ /* First, make a copy */
+ tmp_roles = (char**) calloc(1, sizeof(char*) * num_roles);
+ if (!tmp_roles)
+ goto omem;
- /* Try to set defrole - there should be no failures following
- * this call, since the old def role is not saved */
- if (sepol_user_set_defrole(handle, user, tmp_roles[0]) < 0)
- goto err;
+ for (i = 0; i < num_roles; i++) {
+ tmp_roles[i] = strdup(roles_arr[i]);
+ if (!tmp_roles[i])
+ goto omem;
+ }
+ tmp_def_role = strdup(tmp_roles[0]);
+ if (!tmp_def_role)
+ goto omem;
+ }
+
/* Apply other changes */
for (i = 0; i < user->num_roles; i++)
free(user->roles[i]);
free(user->roles);
+ free(user->def_role);
user->roles = tmp_roles;
user->num_roles = num_roles;
+ user->def_role = tmp_def_role;
+
return STATUS_SUCCESS;
omem:
- ERR(handle, "out of memory");
-
- err:
- ERR(handle, "could not "
- "allocate roles array for user %s", user->name);
+ ERR(handle, "out of memory, could not allocate roles array for"
+ "user %s", user->name);
if (tmp_roles) {
for (i = 0; i < num_roles; i++ ) {
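Review bot: the allocation `calloc(1, sizeof(char*) * num_roles)` inside the new `if (num_roles > 0)` block does the multiplication before `calloc` sees it, so a very large `num_roles` can wrap the size and leave the `strdup` loop writing past a short array; `calloc(num_roles, sizeof(char*))` lets the allocator reject a product that does not fit. The merged error string is also missing a space: `"... roles array for" "user %s"` concatenates to "foruser". With `num_roles == 0` this path now frees `user->def_role` and sets it to NULL, which deserves a comment on the function so callers know the default role can be NULL after the call.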
@@ -247,8 +251,9 @@ int sepol_user_set_roles(
break;
free(tmp_roles[i]);
}
- free(tmp_roles);
}
+ free(tmp_roles);
+ free(tmp_def_role);
return STATUS_ERR;
}
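Review bot: the cleanup loop kept as context here leaves through `break` ahead of `free(tmp_roles[i])` (the condition is outside the hunk, presumably the first unfilled slot), and that is only safe while `tmp_roles` comes zero-filled from `calloc`; a one-line comment above the loop saying so would keep a later switch to `malloc` from turning this into a free of uninitialised pointers. Moving `free(tmp_roles)` out of the `if (tmp_roles)` block and adding `free(tmp_def_role)` is fine, since either may be NULL on this path and `free(NULL)` is a no-op.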
* Re: [ SEPOL 3 ] Improve/fix sepol_user_set_roles
@ 2005-10-31 16:11 ` Stephen Smalley
From: Stephen Smalley @ 2005-10-31 16:11 UTC
To: Ivan Gyurdiev; +Cc: SELinux List
On Mon, 2005-10-31 at 06:04 -0500, Ivan Gyurdiev wrote:
> - fix set_roles to properly handle num_roles = 0
> - simplify a bit...
Merged all 5 patches (record interfaces, dbase flush, common database,
record bugfixes, set roles) as of libsepol 1.9.34 and libsemanage
1.3.39.
--
Stephen Smalley
National Security Agency