mirror of
https://github.com/SELinuxProject/setools
synced 2025-02-13 18:36:52 +00:00
2994d1ca1d
"gcc -Wwrite-strings" reported warnings when using hashtab_search (from
libsepol) with string literals as its second parameter is a non-constant
string.
Indeed /usr/include/sepol/policydb/hashtab.h contains:
typedef char *hashtab_key_t;
/* ... */
extern hashtab_datum_t hashtab_search(hashtab_t h, const hashtab_key_t k);
This means the second parameter is "char *const k", not "const char *k".
As a consequence:
* Casting to "const hashtab_key_t" leads to misunderstanding the code.
* "const char*" variables need to be explicitly casted to "char*" or
"hashtab_key_t" before calling hashtab_search.
* When using "gcc -Wwrite-strings", literal strings need to be casted to
"char*" or "hashtab_key_t" before calling hashtab_search.
* "gcc -Wcast-qual" reports an awful amount of warnings due to
const-to-nonconst pointer casts.
Add missing casts to hashtab_key_t to help finding real bugs in
setools/libqpol with gcc flags.
225 lines
5.7 KiB
C
225 lines
5.7 KiB
C
/**
|
|
* @file
|
|
* Implementation of the interface for searching and iterating over users.
|
|
*
|
|
* @author Jeremy A. Mowery jmowery@tresys.com
|
|
* @author Jason Tang jtang@tresys.com
|
|
*
|
|
* Copyright (C) 2006-2007 Tresys Technology, LLC
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
*/
|
|
|
|
#include <config.h>
|
|
|
|
#include <stddef.h>
|
|
#include <stdint.h>
|
|
#include <stdlib.h>
|
|
|
|
#include <sepol/policydb/policydb.h>
|
|
#include <sepol/policydb/expand.h>
|
|
|
|
#include <qpol/iterator.h>
|
|
#include <qpol/mls_query.h>
|
|
#include <qpol/policy.h>
|
|
#include <qpol/role_query.h>
|
|
#include <qpol/user_query.h>
|
|
#include "iterator_internal.h"
|
|
#include "qpol_internal.h"
|
|
|
|
int qpol_policy_get_user_by_name(const qpol_policy_t * policy, const char *name, const qpol_user_t ** datum)
|
|
{
|
|
hashtab_datum_t internal_datum;
|
|
policydb_t *db;
|
|
|
|
if (policy == NULL || name == NULL || datum == NULL) {
|
|
if (datum != NULL)
|
|
*datum = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
db = &policy->p->p;
|
|
internal_datum = hashtab_search(db->p_users.table, (hashtab_key_t)name);
|
|
if (internal_datum == NULL) {
|
|
*datum = NULL;
|
|
ERR(policy, "could not find datum for user %s", name);
|
|
errno = ENOENT;
|
|
return STATUS_ERR;
|
|
}
|
|
*datum = (qpol_user_t *) internal_datum;
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_policy_get_user_iter(const qpol_policy_t * policy, qpol_iterator_t ** iter)
|
|
{
|
|
policydb_t *db;
|
|
hash_state_t *hs = NULL;
|
|
int error = 0;
|
|
|
|
if (policy == NULL || iter == NULL) {
|
|
if (iter != NULL)
|
|
*iter = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
db = &policy->p->p;
|
|
|
|
hs = calloc(1, sizeof(hash_state_t));
|
|
if (hs == NULL) {
|
|
error = errno;
|
|
ERR(policy, "%s", strerror(ENOMEM));
|
|
errno = error;
|
|
return STATUS_ERR;
|
|
}
|
|
hs->table = &db->p_users.table;
|
|
hs->node = (*(hs->table))->htable[0];
|
|
|
|
if (qpol_iterator_create(policy, (void *)hs, hash_state_get_cur,
|
|
hash_state_next, hash_state_end, hash_state_size, free, iter)) {
|
|
free(hs);
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
if (hs->node == NULL)
|
|
hash_state_next(*iter);
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_user_get_value(const qpol_policy_t * policy, const qpol_user_t * datum, uint32_t * value)
|
|
{
|
|
user_datum_t *internal_datum;
|
|
|
|
if (policy == NULL || datum == NULL || value == NULL) {
|
|
if (value != NULL)
|
|
*value = 0;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
internal_datum = (user_datum_t *) datum;
|
|
*value = internal_datum->s.value;
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_user_get_role_iter(const qpol_policy_t * policy, const qpol_user_t * datum, qpol_iterator_t ** roles)
|
|
{
|
|
user_datum_t *internal_datum = NULL;
|
|
int error = 0;
|
|
ebitmap_state_t *es = NULL;
|
|
|
|
if (policy == NULL || datum == NULL || roles == NULL) {
|
|
if (roles != NULL)
|
|
*roles = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
internal_datum = (user_datum_t *) datum;
|
|
|
|
es = calloc(1, sizeof(ebitmap_state_t));
|
|
if (es == NULL) {
|
|
error = errno;
|
|
ERR(policy, "%s", strerror(ENOMEM));
|
|
errno = error;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
es->bmap = &(internal_datum->roles.roles);
|
|
es->cur = es->bmap->node ? es->bmap->node->startbit : 0;
|
|
|
|
if (qpol_iterator_create(policy, es, ebitmap_state_get_cur_role,
|
|
ebitmap_state_next, ebitmap_state_end, ebitmap_state_size, free, roles)) {
|
|
free(es);
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
if (es->bmap->node && !ebitmap_get_bit(es->bmap, es->cur))
|
|
ebitmap_state_next(*roles);
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_user_get_range(const qpol_policy_t * policy, const qpol_user_t * datum, const qpol_mls_range_t ** range)
|
|
{
|
|
user_datum_t *internal_datum = NULL;
|
|
|
|
if (policy == NULL || datum == NULL || range == NULL) {
|
|
if (range != NULL)
|
|
*range = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
if (!qpol_policy_has_capability(policy, QPOL_CAP_MLS)) {
|
|
*range = NULL;
|
|
} else {
|
|
internal_datum = (user_datum_t *) datum;
|
|
*range = (qpol_mls_range_t *) & internal_datum->exp_range;
|
|
}
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_user_get_dfltlevel(const qpol_policy_t * policy, const qpol_user_t * datum, const qpol_mls_level_t ** level)
|
|
{
|
|
user_datum_t *internal_datum = NULL;
|
|
|
|
if (policy == NULL || datum == NULL || level == NULL) {
|
|
if (level != NULL)
|
|
*level = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
if (!qpol_policy_has_capability(policy, QPOL_CAP_MLS)) {
|
|
*level = NULL;
|
|
} else {
|
|
internal_datum = (user_datum_t *) datum;
|
|
*level = (qpol_mls_level_t *) & internal_datum->exp_dfltlevel;
|
|
}
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
int qpol_user_get_name(const qpol_policy_t * policy, const qpol_user_t * datum, const char **name)
|
|
{
|
|
user_datum_t *internal_datum = NULL;
|
|
policydb_t *db = NULL;
|
|
|
|
if (policy == NULL || datum == NULL || name == NULL) {
|
|
if (name != NULL)
|
|
*name = NULL;
|
|
ERR(policy, "%s", strerror(EINVAL));
|
|
errno = EINVAL;
|
|
return STATUS_ERR;
|
|
}
|
|
|
|
db = &policy->p->p;
|
|
internal_datum = (user_datum_t *) datum;
|
|
|
|
*name = db->p_user_val_to_name[internal_datum->s.value - 1];
|
|
|
|
return STATUS_SUCCESS;
|
|
}
|