PERFORCE change 39376 for review

Hrishikesh Dandekar hdandeka at FreeBSD.org
Wed Oct 8 22:12:50 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=39376

Change 39376 by hdandeka at hdandeka_yash on 2003/10/08 15:11:55

	Fix the call to security_load_policy. It now accepts the buffer and
	the len instead of the fp.

Affected files ...

.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#4 (text+ko) ====

@@ -36,6 +36,7 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <netinet/in.h>
 #include "linux-compat.h"
 #else /* __FreeBSD__ */
@@ -319,6 +320,9 @@
 	unsigned int binary = 0, debug = 0;
 	int ret, ch, nel;
 	FILE *fp, *outfp = NULL;
+	void *filedata;
+	struct stat fsb;
+	size_t filelen;
 
 	while ((ch = getopt(argc, argv, "o:dbV")) != EOF) {
 		switch (ch) {
@@ -620,7 +624,25 @@
 				printf("%s:  unable to open %s\n", argv[0], ans);
 				break;
 			}
-			ret = security_load_policy(fp);
+			if(stat(ans, &fsb) == -1) {
+				printf("%s:  unable to get size of %s\n", argv[0], ans);
+				break;
+			}
+			filelen = (size_t) fsb.st_size;
+			if ( ((off_t) filelen) != fsb.st_size ) {
+				 printf("%s:  large file, size truncated\n", argv[0]);
+                                 break;
+			}
+			filedata = malloc(filelen);
+			if (!filedata) {
+		                fprintf(stderr, "out of memory\n");
+		                exit(1);
+		        }
+			if(fread(filedata, filelen, 1, fp) != filelen) {
+				printf("%s:  unable to get read from %s\n", argv[0], ans);
+				break;
+			}
+			ret = security_load_policy(filedata, filelen);
 			switch (ret) {
 			case 0:
 				printf("\nsuccess\n");
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message



More information about the trustedbsd-cvs mailing list