Todd C. Miller wrote: > This is a patch I sent in last year but forgot to split up as > requested; it still applies to the recently-released selinux-1.34.0. > > THe patch replaces usage of the non-standard %as scanf() format > (which conflicts with C99) with strtok_r(). This does mean that > line_buf is modified but this variable is only used as an argument > to process_line() and is freed thereafter. > > I made this change as part of the port of libselinux to SEBSD and > SEDarwin. > > - todd Acked-by: Karl MacMillan I made a few updates for style (the !! thing was too clever for me) and merged into trunk and stable. Actual merged version is attached. > --- matchpathcon.c 2007-01-25 14:19:39.000000000 -0500 > +++ matchpathcon.c 2007-01-25 14:21:32.000000000 -0500 > @@ -444,7 +444,7 @@ > int pass, unsigned lineno) > { > int items, len, regerr, ret; > - char *buf_p; > + char *buf_p, *ptr; > char *regex, *type, *context; > const char *reg_buf; > char *anchored_regex; > @@ -459,7 +459,11 @@ > /* Skip comment lines and empty lines. */ > if (*buf_p == '#' || *buf_p == 0) > return 0; > - items = sscanf(line_buf, "%as %as %as", ®ex, &type, &context); > + > + regex = strtok_r(buf_p, " \t", &ptr); > + type = strtok_r(NULL, " \t", &ptr); > + context = strtok_r(NULL, " \t", &ptr); > + items = !!regex + !!type + !!context; > if (items < 2) { > myprintf("%s: line %d is missing fields, skipping\n", path, > lineno); > @@ -470,6 +474,15 @@ > type = NULL; > } > > + regex = strdup(regex); > + if (type != NULL) > + type = strdup(type); > + context = strdup(context); > + if (!!regex + !!type + !!context != items) { > + ret = -1; > + goto finish; > + } > + > reg_buf = regex; > len = get_stem_from_spec(reg_buf); > if (len && prefix && strncmp(prefix, regex, len)) { > > -- > This message was distributed to subscribers of the selinux mailing list. > If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with > the words "unsubscribe selinux" without quotes as the message.