projects / platform / upstream / smack.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e350b66)
libsmack: fix parsing of CIPSO settings
authorRafal Krypa <r.krypa@samsung.com>
Fri, 26 Dec 2014 12:33:54 +0000 (12:33 +0000)
committerRafal Krypa <r.krypa@samsung.com>
Fri, 26 Dec 2014 12:33:54 +0000 (12:33 +0000)
Adjust CIPSO parsing to expected kernel format:
- maximum number of categories is 184
- each category value must be between 1 and 184

Change-Id: Ic5e4ccd2104ed3284a873087339bf792536b2125
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
libsmack/libsmack.c patch | blob | history

diff --git a/libsmack/libsmack.c b/libsmack/libsmack.c
index 13fa0ab..2163096 100644 (file)
--- a/libsmack/libsmack.c
+++ b/libsmack/libsmack.c
@@ -46,8 +46,7 @@
 #define LEVEL_MAX 255
 #define NUM_LEN 4
 #define BUF_SIZE 512
-#define CAT_MAX_COUNT 240
-#define CAT_MAX_VALUE 63
+#define CAT_MAX_COUNT 184
 #define CIPSO_POS(i)   (SMACK_LABEL_LEN + 1 + NUM_LEN + NUM_LEN + i * NUM_LEN)
 #define CIPSO_MAX_SIZE CIPSO_POS(CAT_MAX_COUNT)
 #define CIPSO_NUM_LEN_STR "%-4d"
@@ -109,7 +108,7 @@ struct smack_accesses {
 
 struct cipso_mapping {
        char label[SMACK_LABEL_LEN + 1];
-       int cats[CAT_MAX_VALUE];
+       int cats[CAT_MAX_COUNT];
        int ncats;
        int level;
        struct cipso_mapping *next;
@@ -533,7 +532,7 @@ int smack_cipso_add_from_file(struct smack_cipso *cipso, int fd)
                        if (errno)
                                goto err_out;
 
-                       if (val < 0 || val > CAT_MAX_VALUE)
+                       if (val <= 0 || val > CAT_MAX_COUNT)
                                goto err_out;
 
                        mapping->cats[i] = val;
Domain: Security / Access Control;