path: root/libselinux/src/booleans.c
Commit message | Author | Age | Files | Lines
* libselinux: set an appropriate errno in booleans.c | Petr Lautrbach | 2019-02-04 | 1 | -0/+1
  Fixes:
    $ mkdir booleans
    $ sudo mount --bind ./booleans /sys/fs/selinux/booleans
    $ sudo getsebool -a
    getsebool: Unable to get boolean names: Success

  Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
* libselinux: fix build warning in save_booleans() | Stephen Smalley | 2018-05-08 | 1 | -1/+3
  Fix the following warning in save_booleans(). We could likely drop the function altogether, either ignoring or returning EINVAL if a non-zero permanent argument is passed to security_set_boolean_list(), since setting persistent booleans is now handled via libsemanage. This code and the corresponding security_load_booleans() code is legacy from RHEL4 days and could be removed although we would need to keep the ABI for compatibility.

    booleans.c: In function ‘save_booleans’:
    booleans.c:441:13: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size between 0 and 8191 [-Werror=format-truncation=]
           "%s=%d\n", boolname,
               ^~
    booleans.c:440:7: note: ‘snprintf’ output between 4 and 8205 bytes into a destination of size 8192
         snprintf(outbuf, sizeof(outbuf),
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           "%s=%d\n", boolname,
           ~~~~~~~~~~~~~~~~~~~~
           boollist[i].value);
           ~~~~~~~~~~~~~~~~~~
    booleans.c:454:12: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size between 0 and 8191 [-Werror=format-truncation=]
          "%s=%d\n", boolname, val);
              ^~
    booleans.c:453:6: note: ‘snprintf’ output between 4 and 8205 bytes into a destination of size 8192
        snprintf(outbuf, sizeof(outbuf),
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          "%s=%d\n", boolname, val);
          ~~~~~~~~~~~~~~~~~~~~~~~~~

  Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* libselinux: add O_CLOEXEC | Nick Kralevich | 2017-04-12 | 1 | -7/+7
  Makes libselinux safer and less likely to leak file descriptors when used as part of a multithreaded program.

  Signed-off-by: Nick Kralevich <nnk@google.com>
* libselinux: make process_boolean() fail on invalid lines | Nicolas Iooss | 2017-04-11 | 1 | -23/+35
  When security_load_booleans() calls process_boolean() to parse a boolean definition, process_boolean() returns a successful value when it fails to use strtok_r() (e.g. when there is no "=" in the parsed line). This leads security_load_booleans() to use uninitialized name and/or val when setting the boolean into the policy.

  This issue has been found using clang's static analyzer and is similar to the one which has been fixed in libsepol with commit 76f8c04c197f ("libsepol: make process_boolean() fail on invalid lines"). Fix it in the same way.

  Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
* libselinux: DISABLE_BOOL move to include headers | William Roberts | 2016-10-18 | 1 | -2/+6
  Some systems, like Mac, don't have stdio_ext.h. Since we're building with DISABLE_BOOL=y on Mac, just include the header files with the DISABLE define, and use the bare minimum headers for DISABLE_BOOL=y.

  Signed-off-by: William Roberts <william.c.roberts@intel.com>
* libselinux: re-introduce DISABLE_BOOL=y | William Roberts | 2016-09-29 | 1 | -10/+54
  Provide stubs to the public boolean API that always return -1.

  On Android, boolean symbols are needed for:
  external/ltrace/sysdeps/linux-gnu/trace.c

  Signed-off-by: William Roberts <william.c.roberts@intel.com>
* libselinux: drop usage of _D_ALLOC_NAMLEN | William Roberts | 2016-09-23 | 1 | -2/+1
  _D_ALLOC_NAMLEN is not very portable. Currently, the code mallocs based on _D_ALLOC_NAMLEN() and then strcpy's dirent d_name into the buffer. Instead, just use strdup.

  Change-Id: I5c8ca47da2c593ea2726caba5781f5e9d9d910ae
  Signed-off-by: William Roberts <william.c.roberts@intel.com>
* libselinux: booleans: initialize pointer to silence coveriety | Eric Paris | 2012-09-12 | 1 | -1/+1
  The Coverity scanner is too stupid to realize that the strtok_r() function initializes the saveptr variable. Since we are passing a variable location without initializing it, Coverity gets angry. Just shut up the scanner, but nothing was wrong to start with.

  Signed-off-by: Eric Paris <eparis@redhat.com>
* libselinux: expose selinux_boolean_sub | Dan Walsh | 2012-09-12 | 1 | -4/+4
  Make selinux_boolean_sub a public method so getsebool can use it, as well as potentially used within libsemanage.

  Signed-off-by: Eric Paris <eparis@redhat.com>
* libselinux: boolean name equivalency | Eric Paris | 2012-09-12 | 1 | -32/+126
  Add support for booleans.subs file. Basically this allows us to finally change badly named booleans to some standard name.

  Signed-off-by: Eric Paris <eparis@redhat.com>
  Acked-by: Dan Walsh <dwalsh@redhat.com>
* libselinux: Remove assert in security_get_boolean_names(3) | Richard Haines | 2011-12-05 | 1 | -2/+4
  Remove assert in security_get_boolean_names(3) if the len is invalid and stop seg fault if names is null. Set EINVAL instead and return error.

  Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
  Signed-off-by: Eric Paris <eparis@redhat.com>
  Acked-by: Dan Walsh <dwalsh@redhat.com>
* initial import from svn trunk revision 2950 | Joshua Brindle | 2008-08-19 | 1 | -0/+474