git: 1fa1e3f3950f - main - MAC/do: Do not skip blanks when parsing executable paths
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 29 May 2026 16:01:58 UTC
The branch main has been updated by olce:
URL: https://cgit.FreeBSD.org/src/commit/?id=1fa1e3f3950fc0593ab73ea075c24c9bfbe8afd6
commit 1fa1e3f3950fc0593ab73ea075c24c9bfbe8afd6
Author: Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2026-05-07 15:32:28 +0000
Commit: Olivier Certner <olce@FreeBSD.org>
CommitDate: 2026-05-29 15:37:14 +0000
MAC/do: Do not skip blanks when parsing executable paths
The kind of tolerance we apply to parsing rules, whose format we have
defined, cannot be applied to paths since blank characters are allowed
there.
There is still the limitation that no escape character is currently
supported, and so it is not possible to configure a path having a ':'
character.
Reviewed by: bapt
Fixes: 9818224174c4 ("MAC/do: Executable paths feature (GSoC 2025's final state)")
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38
---
sys/security/mac_do/mac_do.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
index c30ece0a0794..9e9f57be6c3c 100644
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -1163,7 +1163,7 @@ parse_exec_paths(const char *const string, struct exec_paths *const exec_paths,
MPASS(copy[len] == '\0');
p = copy;
- while ((path = strsep_noblanks(&p, ":")) != NULL) {
+ while ((path = strsep(&p, ":")) != NULL) {
size_t path_len;
if (*path == '\0')