PERFORCE change 87609 for review
    Todd Miller 
    millert at FreeBSD.org
       
    Thu Dec  1 21:34:17 GMT 2005
    
    
  
http://perforce.freebsd.org/chv.cgi?CH=87609
Change 87609 by millert at millert_g4tower on 2005/12/01 21:33:45
	Call mac_check_name_port_access() with correct args.
	Dynamically alloc buffer instead of using gcc extension
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#3 (text+ko) ====
@@ -1,24 +1,24 @@
 #include <sys/types.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <string.h>
+#include <mach/mach.h>
+#include <mach/security.h>
 #include <selinux/selinux.h>
-#include <limits.h>
 #include <sedarwin/sebsd.h>
-#include <mach/kern_return.h>
-#include <mach/security.h>
 
 int security_check_context(security_context_t con)
 {
 	kern_return_t kr;
-	char buf[strlen(con) + strlen(SEBSD_ID_STRING) + 2];
+	char *buf;
 
-	strcpy(buf, SEBSD_ID_STRING);
-	strcat(buf, "/");
-	strcat(buf, con);
+	if (asprintf(&buf, "%s/%s", SEBSD_ID_STRING, con) == -1)
+		return (-1);
 
-	kr = mac_check_name_port_access(mach_task_self(), mach_task_self(),
-	    buf, "file", "read");
+	kr = mac_check_name_port_access(mach_task_self(), buf, mach_task_self(),
+	    "file", "read");
+	free(buf);
 	if (kr == KERN_INVALID_ARGUMENT)
 		return (-1);
 	else
    
    
More information about the p4-projects
mailing list