From: Nicolas Iooss <nicolas.iooss@m4x.org>
To: selinux@vger.kernel.org
Subject: [PATCH 3/6] libsepol/cil: constify some strings
Date: Wed, 30 Dec 2020 11:07:43 +0100 [thread overview]
Message-ID: <20201230100746.2549568-3-nicolas.iooss@m4x.org> (raw)
In-Reply-To: <20201230100746.2549568-1-nicolas.iooss@m4x.org>
Function cil_add_file() copies its input into a newly-allocated buffer,
and does not modify "name". State these properties in the types of
parameters by adding "const" qualifiers.
This enables using LibFuzzer directly on cil_add_file(), without a
warning about discarding "const" qualifier:
fuzz-secilc.c: In function ‘LLVMFuzzerTestOneInput’:
fuzz-secilc.c:57:31: warning: passing argument 3 of ‘cil_add_file’
discards ‘const’ qualifier from pointer target type
[-Wdiscarded-qualifiers]
57 | if (cil_add_file(db, "fuzz", data, size) != SEPOL_OK)
| ^~~~
In file included from fuzz-secilc.c:26:
/usr/include/sepol/cil/cil.h:45:57: note: expected ‘char *’ but
argument is of type ‘const uint8_t *’ {aka ‘const unsigned char *’}
45 | extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size);
| ~~~~~~^~~~
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
libsepol/cil/include/cil/cil.h | 4 ++--
libsepol/cil/src/cil.c | 2 +-
libsepol/cil/src/cil_log.c | 6 +++---
libsepol/cil/src/cil_parser.c | 2 +-
libsepol/cil/src/cil_parser.h | 2 +-
5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/libsepol/cil/include/cil/cil.h b/libsepol/cil/include/cil/cil.h
index f8cfc3be5015..e6f4503eb33a 100644
--- a/libsepol/cil/include/cil/cil.h
+++ b/libsepol/cil/include/cil/cil.h
@@ -42,7 +42,7 @@ typedef struct cil_db cil_db_t;
extern void cil_db_init(cil_db_t **db);
extern void cil_db_destroy(cil_db_t **db);
-extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size);
+extern int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size);
extern int cil_compile(cil_db_t *db);
extern int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db);
@@ -67,7 +67,7 @@ enum cil_log_level {
CIL_INFO
};
extern void cil_set_log_level(enum cil_log_level lvl);
-extern void cil_set_log_handler(void (*handler)(int lvl, char *msg));
+extern void cil_set_log_handler(void (*handler)(int lvl, const char *msg));
#ifdef __GNUC__
__attribute__ ((format(printf, 2, 3)))
diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c
index bb7f06d5c4b3..99c8e288912c 100644
--- a/libsepol/cil/src/cil.c
+++ b/libsepol/cil/src/cil.c
@@ -500,7 +500,7 @@ void cil_root_destroy(struct cil_root *root)
free(root);
}
-int cil_add_file(cil_db_t *db, char *name, char *data, size_t size)
+int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size)
{
char *buffer = NULL;
int rc;
diff --git a/libsepol/cil/src/cil_log.c b/libsepol/cil/src/cil_log.c
index b222b155120a..a8e4d2e94a78 100644
--- a/libsepol/cil/src/cil_log.c
+++ b/libsepol/cil/src/cil_log.c
@@ -37,14 +37,14 @@
static enum cil_log_level cil_log_level = CIL_ERR;
-void cil_default_log_handler(__attribute__((unused)) int lvl, char *msg)
+void cil_default_log_handler(__attribute__((unused)) int lvl, const char *msg)
{
fprintf(stderr, "%s", msg);
}
-void (*cil_log_handler)(int lvl, char *msg) = &cil_default_log_handler;
+void (*cil_log_handler)(int lvl, const char *msg) = &cil_default_log_handler;
-void cil_set_log_handler(void (*handler)(int lvl, char *msg))
+void cil_set_log_handler(void (*handler)(int lvl, const char *msg))
{
cil_log_handler = handler;
}
diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c
index a8af1dce2c4b..b62043b95806 100644
--- a/libsepol/cil/src/cil_parser.c
+++ b/libsepol/cil/src/cil_parser.c
@@ -196,7 +196,7 @@ static void add_cil_path(struct cil_tree_node **current, char *path)
insert_node(node, *current);
}
-int cil_parser(char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree)
+int cil_parser(const char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree)
{
int paren_count = 0;
diff --git a/libsepol/cil/src/cil_parser.h b/libsepol/cil/src/cil_parser.h
index 02ecb784e95c..1cec63944fdf 100644
--- a/libsepol/cil/src/cil_parser.h
+++ b/libsepol/cil/src/cil_parser.h
@@ -32,6 +32,6 @@
#include "cil_tree.h"
-int cil_parser(char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree);
+int cil_parser(const char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree);
#endif /* CIL_PARSER_H_ */
--
2.29.2
next prev parent reply other threads:[~2020-12-30 10:08 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-30 10:07 [PATCH 1/6] libsepol: do not decode out-of-bound rolebounds Nicolas Iooss
2020-12-30 10:07 ` [PATCH 2/6] libsepol: ensure that hashtab_search is not called with a NULL key Nicolas Iooss
2021-01-04 16:31 ` James Carter
2021-01-06 8:12 ` Nicolas Iooss
2020-12-30 10:07 ` Nicolas Iooss [this message]
2021-01-04 16:33 ` [PATCH 3/6] libsepol/cil: constify some strings James Carter
2021-01-05 16:07 ` James Carter
2020-12-30 10:07 ` [PATCH 4/6] libsepol/cil: fix NULL pointer dereference when parsing an improper integer Nicolas Iooss
2020-12-31 15:04 ` William Roberts
2021-01-02 11:13 ` Nicolas Iooss
2021-01-03 18:32 ` William Roberts
2021-01-04 16:43 ` James Carter
2021-01-05 12:51 ` William Roberts
2020-12-30 10:07 ` [PATCH 5/6] libsepol/cil: fix out-of-bound read in cil_print_recursive_blockinherit Nicolas Iooss
2021-01-04 18:17 ` James Carter
2021-01-05 16:08 ` James Carter
2020-12-30 10:07 ` [PATCH 6/6] libsepol/cil: destroy perm_datums when __cil_resolve_perms fails Nicolas Iooss
2020-12-31 15:05 ` William Roberts
2021-01-04 18:18 ` James Carter
2021-01-05 16:08 ` James Carter
2021-01-04 15:48 ` [PATCH 1/6] libsepol: do not decode out-of-bound rolebounds James Carter
2021-01-04 15:51 ` James Carter
2021-01-06 8:05 ` Nicolas Iooss
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201230100746.2549568-3-nicolas.iooss@m4x.org \
--to=nicolas.iooss@m4x.org \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).