From: "Christian Göttsche" <cgzones@googlemail.com>
To: selinux@vger.kernel.org
Subject: [PATCH 3/3] libsepol: extended permission formatting cleanup
Date: Mon, 11 Dec 2023 15:48:26 +0100 [thread overview]
Message-ID: <20231211144827.121636-3-cgzones@googlemail.com> (raw)
In-Reply-To: <20231211144827.121636-1-cgzones@googlemail.com>
Declare the read-only permission parameter const.
Use a more readable overflow check, which is also resilient against
changes of the growth factor or initial size.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
libsepol/include/sepol/policydb/util.h | 2 +-
libsepol/src/kernel_to_cil.c | 5 ++---
libsepol/src/util.c | 5 ++---
3 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/libsepol/include/sepol/policydb/util.h b/libsepol/include/sepol/policydb/util.h
index 4ea5a346..abaff698 100644
--- a/libsepol/include/sepol/policydb/util.h
+++ b/libsepol/include/sepol/policydb/util.h
@@ -34,7 +34,7 @@ extern int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a);
extern char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
sepol_access_vector_t av);
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms);
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms);
/*
* The tokenize function may be used to
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
index bcb58eee..119b657b 100644
--- a/libsepol/src/kernel_to_cil.c
+++ b/libsepol/src/kernel_to_cil.c
@@ -1627,7 +1627,7 @@ exit:
#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
-static char *xperms_to_str(avtab_extended_perms_t *xperms)
+static char *xperms_to_str(const avtab_extended_perms_t *xperms)
{
uint16_t value;
uint16_t low_bit;
@@ -1644,8 +1644,7 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms)
}
retry:
- size *= 2;
- if (size == 0)
+ if (__builtin_mul_overflow(size, 2, &size))
goto err;
p = realloc(buffer, size);
if (!p)
diff --git a/libsepol/src/util.c b/libsepol/src/util.c
index 4a6f7d11..687336c8 100644
--- a/libsepol/src/util.c
+++ b/libsepol/src/util.c
@@ -126,7 +126,7 @@ char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms)
{
uint16_t value;
uint16_t low_bit;
@@ -142,8 +142,7 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
return NULL;
retry:
- size *= 2;
- if (size == 0)
+ if (__builtin_mul_overflow(size, 2, &size))
goto err;
p = realloc(buffer, size);
if (!p)
--
2.43.0
next prev parent reply other threads:[~2023-12-11 14:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-11 14:48 [PATCH 1/3] libsepol: constify tokenized input Christian Göttsche
2023-12-11 14:48 ` [PATCH 2/3] libsepol: avoid integer overflow in add_i_to_a() Christian Göttsche
2023-12-11 14:48 ` Christian Göttsche [this message]
2023-12-11 15:49 ` [PATCH 1/3] libsepol: constify tokenized input James Carter
2023-12-12 16:43 ` James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231211144827.121636-3-cgzones@googlemail.com \
--to=cgzones@googlemail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.