PERFORCE change 31982 for review

Robert Watson rwatson at FreeBSD.org
Wed May 28 15:58:20 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=31982

Change 31982 by rwatson at rwatson_tislabs on 2003/05/28 08:57:19

	Mirror MLS element parsing cleanup into Biba: add comments,
	avoid pointer arithmetic, use more meaningful variable names,
	avoid concurrent assignment and other operations.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#205 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#205 (text+ko) ====

@@ -675,8 +675,8 @@
 static int
 mac_biba_parse_element(struct mac_biba_element *element, char *string)
 {
-	char *p, *tp, *np;
-	int crange, d, i;
+	char *compartment, *end, *grade;
+	int i, inset, setbase, value;
 
 	if (strcmp(string, "high") == 0 ||
 	    strcmp(string, "hi") == 0) {
@@ -691,37 +691,68 @@
 		element->mbe_type = MAC_BIBA_TYPE_EQUAL;
 		element->mbe_grade = MAC_BIBA_TYPE_UNDEF;
 	} else {
-		d = strtol(string, &p, 10);
-		if (d < 0 || d > 65535)
+		element->mbe_type = MAC_BIBA_TYPE_GRADE;
+
+		/*
+		 * Numeric grade piece of the element.
+		 */
+		grade = strsep(&string, ":");
+		value = strtol(grade, &end, 10);
+		if (end == grade || *end != '\0')
+			return (EINVAL);
+		if (value < 0 || value > 65535)
 			return (EINVAL);
+		element->mbe_grade = value;
 
-		element->mbe_type = MAC_BIBA_TYPE_GRADE;
-		element->mbe_grade = d;
-
-		if (p == string || *p == '\0')
+		/*
+		 * Optional compartment piece of the element.  If none
+		 * are included, we assume that the label has no
+		 * compartments.
+		 */
+		if (string == NULL)
 			return (0);
-		if (*p != ':')
-			return (EINVAL);
-		np = ++p;
-		if (np == NULL || *np == '\0')
+		if (*string == '\0')
 			return (0);
-		crange = d = 0;
-		while ((tp = strsep(&np, "+")) != NULL) {
-			d = strtol(tp, &p, 10);
-			if (*p != '\0' || d < 1 ||
-			    d > MAC_BIBA_MAX_COMPARTMENTS || crange >= d)
+
+		/*
+		 * Because we support a notation that accepts 'X++Y' for a
+		 * set of continuous compartment values, we must keep track
+		 * of the most recent possible start value.  Initialize the
+		 * tracking to (-1) to indicate that we don't have a base
+		 * for the set yet.
+		 */
+		setbase = -1;
+		inset = 0;
+		while ((compartment = strsep(&string, "+")) != NULL) {
+			if (*compartment == '\0') {
+				/* No base yet. */
+				if (setbase == -1)
+					return (EINVAL);
+				/* Already in set. */
+				if (inset != 0)
+					return (EINVAL);
+				inset = 1;
+				continue;
+			}
+			/*
+			 * An actual entry in the list, possible following
+			 * a continuous compartment set.
+			 */
+			value = strtol(compartment, &end, 10);
+			if (compartment == end || *end != '\0')
+				return (EINVAL);
+			if (value < 1 || value > MAC_BIBA_MAX_COMPARTMENTS)
 				return (EINVAL);
-			if (crange > 0) {
-				for (i = crange; i <= d; i++)
+			if (inset) {
+				for (i = setbase; i <= value; i++) {
 					MAC_BIBA_BIT_SET(i,
 					    element->mbe_compartments);
-				crange = 0;
-			}
-			if (np != NULL && *np == '+') {
-				++np;
-				crange = d;
+				}
+				inset = 0;
 			} else
-				MAC_BIBA_BIT_SET(d, element->mbe_compartments);
+				MAC_BIBA_BIT_SET(value,
+				    element->mbe_compartments);
+			setbase = value;
 		}
 	}
 	return (0);
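Review bot: The rewritten compartment loop no longer rejects malformed sets: the old `crange >= d` test is gone, so for `X++Y` with Y below X the `for (i = setbase; i <= value; i++)` loop runs zero times and Y is silently dropped, and a string ending in a single `+` leaves `inset` set when strsep() returns NULL yet still returns 0. For an integrity label the parser should fail closed rather than accept a label that differs from what was written; adding `if (inset && value <= setbase) return (EINVAL);` before the loop and `if (inset) return (EINVAL);` after the `while` would restore that. Separately, `value` is declared `int` (in the previous hunk) but receives strtol()'s `long`, so where long is wider than int an oversized number may be narrowed into range before the bounds checks run; `long value;` would let the checks see the real number. The body of mac_biba_parse_element starts outside this hunk, so whether `mbe_compartments` is cleared before bits are set is not visible here.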