policycoreutils: sestatus: rewrite to shut up coverity

The code did:

len = strlen(string);
new_string = malloc(len);
strncpy(new_string, string, len - 1)

Which is perfectly legal, but it pissed off coverity because 99/100
times if you do new_string = malloc(strlen(string)) you are doing it
wrong (you didn't leave room for the nul).  I rewrote that area to just
use strdup and then to blank out the last character with a nul.  It's
clear what's going on and nothing looks 'tricky'.  It does cost us 1
byte of heap allocation.  I think we can live with that to have safer
looking string handling code.

Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
Eric Paris 2013-02-05 16:16:39 -05:00
parent 295abb370b
commit 5c0d7113de


@ -172,7 +172,7 @@ void printf_tab(const char *outp)
int main(int argc, char **argv)
{
/* these vars are reused several times */
int rc, opt, i, c, size;
int rc, opt, i, c;
char *context, *root_path;
/* files that need context checks */
@ -244,22 +244,21 @@ int main(int argc, char **argv)
}
printf_tab("SELinux root directory:");
if ((root_dir = selinux_path()) != NULL) {
/* The path has a trailing '/' so remove it */
size = strlen(root_dir);
root_path = malloc(size);
root_dir = selinux_path();
if (root_dir == NULL) {
printf("error (%s)\n", strerror(errno));
return -1;
}
/* The path has a trailing '/' so duplicate to edit */
root_path = strdup(root_dir);
if (!root_path) {
printf("malloc error (%s)\n", strerror(errno));
return -1;
}
memset(root_path, 0, size);
strncpy(root_path, root_dir, (size-1)) ;
/* actually blank the '/' */
root_path[strlen(root_path) - 1] = '\0';
printf("%s\n", root_path);
free(root_path);
} else {
printf("error (%s)\n", strerror(errno));
return -1;
}
/* Dump all the path information */
printf_tab("Loaded policy name:");
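Review bot: The blanking line `root_path[strlen(root_path) - 1] = '\0';` writes outside the buffer if strdup() ever returns an empty string, because strlen() is 0 and the size_t index wraps rather than going negative; the comment above it assumes the trailing '/' instead of checking for it. A guard that checks both the length and the last character keeps the rewrite safe even if selinux_path() returns something unexpected: `size_t len = strlen(root_path);` / `if (len > 0 && root_path[len - 1] == '/')` / `root_path[len - 1] = '\0';`. The failure message `malloc error (%s)` now follows a strdup() call, so `strdup error (%s)` would match what actually failed. main() starts in the previous hunk and ends outside this one.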