Hash on the value since there are multiple levels of indirection to the
underlying object. Otherwise hashing keys never match up multiple
instances of a Python object that point to the same policy object.
Also add a repr function that will make debugging doable when dealing
with Symbol objects instead of string representations.
Removes low-level policy representation details from the interface for
avrule/terule structs and adds the member function for filename_trans,
role_allow, role_trans, and range_trans structs.
libqpol' hashtable iterator uses non-const data, so
ebitmap_state_get_cur_polcap needs to return a "void *" out of a "const
char *".
This fixes the following gcc warning:
libqpol/iterator.c: In function 'ebitmap_state_get_cur_polcap':
libqpol/iterator.c:653:2: warning: return discards 'const' qualifier
from pointer target type
return sepol_polcap_getname(es->cur);
^
This also adds a warning from "gcc -Wcast-qual" but compiling with this
switch leads to way more warnings.
Literal strings are located in read-only memory and should be "const
char*". "gcc -Wwrite-strings" warns when using non-const literal
strings with messages like:
libqpol/policy_parse.y: In function 'yyparse':
libqpol/policy_parse.y:381:21: warning: passing argument 1 of
'insert_id' discards 'const' qualifier from pointer target type
{ if (insert_id("T",0)) return -1; }
^
Fix these warnings by using "const char*" instead of "char*" for some
function parameters.
This makes gcc report other warnings about hashtab_search (from
libsepol). This function incorrectly defines its second parameter as
"char *const key" instead of "const char* key" (this fact is hidden
behind hashtab_key_t typedef).
"gcc -Wwrite-strings" reported warnings when using hashtab_search (from
libsepol) with string literals as its second parameter is a non-constant
string.
Indeed /usr/include/sepol/policydb/hashtab.h contains:
typedef char *hashtab_key_t;
/* ... */
extern hashtab_datum_t hashtab_search(hashtab_t h, const hashtab_key_t k);
This means the second parameter is "char *const k", not "const char *k".
As a consequence:
* Casting to "const hashtab_key_t" leads to misunderstanding the code.
* "const char*" variables need to be explicitly casted to "char*" or
"hashtab_key_t" before calling hashtab_search.
* When using "gcc -Wwrite-strings", literal strings need to be casted to
"char*" or "hashtab_key_t" before calling hashtab_search.
* "gcc -Wcast-qual" reports an awful amount of warnings due to
const-to-nonconst pointer casts.
Add missing casts to hashtab_key_t to help finding real bugs in
setools/libqpol with gcc flags.
This fixes gcc warnings like:
libqpol/avrule_query.c: In function 'qpol_avrule_get_perm_iter':
libqpol/avrule_query.c:159:14: warning: variable 'db' set but not used
[-Wunused-but-set-variable]
policydb_t *db = NULL;
^
"python setup.py build" compiles libqpol with -DNDEBUG, which disables
the effect of assert(0). abort() is not affected by NDEBUG, so use it
instead.
This fixes gcc warnings like this:
libqpol/module_compiler.c: In function 'declare_role':
libqpol/module_compiler.c:314:1: warning: control reaches end of
non-void function [-Wreturn-type]
gcc reported:
libqpol/constraint_query.c: In function 'qpol_constraint_expr_node_get_names_iter':
libqpol/constraint_query.c:783:45: error: pointer targets in passing
argument 2 of 'qpol_policy_get_policy_version' differ in signedness
[-Werror=pointer-sign]
if (qpol_policy_get_policy_version(policy, &policy_version))
^
In file included from libqpol/constraint_query.c:29:0:
libqpol/include/qpol/policy.h:250:13: note: expected 'unsigned int
*' but argument is of type 'int *'
extern int qpol_policy_get_policy_version(const qpol_policy_t * policy, unsigned int *version);
^
Python builds C extensions with -Wstrict-prototypes. This triggers
warnings when defining functions wirth () for "any number of
parameters".
Remove these warnings by always specifying parameters.
The declaration of fstat was missing. "gcc -Wall" reported:
libqpol/policy.c: In function 'qpol_policy_open_from_file_opt':
libqpol/policy.c:1060:3: warning: implicit declaration of function
'fstat' [-Wimplicit-function-declaration]
if (fstat(fd, &sb) < 0) {
^
gcc reported the following warnings:
libqpol/policy_extend.c: In function 'qpol_avrule_get_syn_avrule_iter':
libqpol/policy_extend.c:1219:3: warning: format '%S' expects
argument of type 'wchar_t *', but argument 4 has type 'char *'
[-Wformat=]
ERR(policy, "%S", strerror(error));
^
libqpol/policy_extend.c: In function 'qpol_terule_get_syn_terule_iter':
libqpol/policy_extend.c:1320:3: warning: format '%S' expects
argument of type 'wchar_t *', but argument 4 has type 'char *'
[-Wformat=]
ERR(policy, "%S", strerror(error));
^
"gcc -Wformat" needs printing functions to be marked with a format
attribute to be able to work. Add this attribute to some functions in
libqpol, found with "gcc -Werror=missing-format-attribute"
gcc documentation about format attribute:
https://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html
* Add printf format specifier for yyerror2 to be able to use
"gcc -Wformat-security"
* Constify message string to avoid gcc warnings about casting string
literals to non-const char*.
Otherwise the Python would have to use unsafe cdata.i SWIG functions to
access the memory areas to do the same thing.
Also eliminate the QPOL_IPV4/QPOL_IPV6 from the protocol funtion, to
abstract away the binary policy representation details.
