On Sun, Jun 23, 2013 at 04:23:15PM -0700, Tyler Hicks wrote: > The getpeercon functions need to parse the mode from the confinement > string. This patch creates a function that aa_getpeercon_raw() and > aa_getprocattr_raw() can both use. > > Signed-off-by: Tyler Hicks <[email protected]>
Acked-by: Seth Arnold <[email protected]> > --- > libraries/libapparmor/src/kernel_interface.c | 46 > +++++++++++++++++----------- > 1 file changed, 28 insertions(+), 18 deletions(-) > > diff --git a/libraries/libapparmor/src/kernel_interface.c > b/libraries/libapparmor/src/kernel_interface.c > index ee7908a..afb51b5 100644 > --- a/libraries/libapparmor/src/kernel_interface.c > +++ b/libraries/libapparmor/src/kernel_interface.c > @@ -150,6 +150,33 @@ static char *procattr_path(pid_t pid, const char *attr) > } > > /** > + * parse_confinement_mode - get the mode from the confinement string > + * @con: the confinement string > + * @size: size of the confinement string > + * > + * Modifies con to NUL-terminate the label string and the mode string. > + * > + * Returns: a pointer to the NUL-terminated mode inside the confinement > string > + * or NULL if the mode was not found > + */ > +static char *parse_confinement_mode(char *con, int size) > +{ > + if (strcmp(con, "unconfined") != 0 && > + size > 4 && con[size - 2] == ')') { > + int pos = size - 3; > + > + while (pos > 0 && !(con[pos] == ' ' && con[pos + 1] == '(')) > + pos--; > + if (pos > 0) { > + con[pos] = 0; /* overwrite ' ' */ > + con[size - 2] = 0; /* overwrite trailing ) */ > + return &con[pos + 2]; /* skip '(' */ > + } > + } > + return NULL; > +} > + > +/** > * aa_getprocattr_raw - get the contents of @attr for @tid into @buf > * @tid: tid of task to query > * @attr: which /proc/<tid>/attr/<attr> to query > @@ -217,25 +244,8 @@ int aa_getprocattr_raw(pid_t tid, const char *attr, char > *buf, int len, > size++; > } > > - /* > - * now separate the mode. If we don't find it just > - * return NULL > - */ > if (mode) > - *mode = NULL; > - if (strcmp(buf, "unconfined") != 0 && > - size > 4 && buf[size - 2] == ')') { > - int pos = size - 3; > - while (pos > 0 && > - !(buf[pos] == ' ' && buf[pos + 1] == '(')) > - pos--; > - if (pos > 0) { > - buf[pos] = 0; /* overwrite ' ' */ > - buf[size - 2] = 0; /* overwrite trailing ) */ > - if (mode) > - *mode = &buf[pos + 2]; /* skip '(' */ > - } > - } > + *mode = parse_confinement_mode(buf, size); > } > rc = size; > > -- > 1.8.1.2 > > > -- > AppArmor mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor >
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
