From owner-svn-src-head@FreeBSD.ORG  Wed Apr 29 22:19:41 2015
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id ABF0A9EA;
 Wed, 29 Apr 2015 22:19:41 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 8D4C21F36;
 Wed, 29 Apr 2015 22:19:41 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3TMJf93071531;
 Wed, 29 Apr 2015 22:19:41 GMT (envelope-from oshogbo@FreeBSD.org)
Received: (from oshogbo@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3TMJeGn071528;
 Wed, 29 Apr 2015 22:19:40 GMT (envelope-from oshogbo@FreeBSD.org)
Message-Id: <201504292219.t3TMJeGn071528@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: oshogbo set sender to
 oshogbo@FreeBSD.org using -f
From: Mariusz Zaborski <oshogbo@FreeBSD.org>
Date: Wed, 29 Apr 2015 22:19:40 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r282252 - head/lib/libcapsicum
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Apr 2015 22:19:41 -0000

Author: oshogbo
Date: Wed Apr 29 22:19:40 2015
New Revision: 282252
URL: https://svnweb.freebsd.org/changeset/base/282252

Log:
  Remove the use of nvlist_.*[vf] functions from libcapsicum and replace
  them with snprintf(3). Assert the results of snprintf(3).
  
  Approved by:	pjd (mentor)

Modified:
  head/lib/libcapsicum/libcapsicum_dns.c
  head/lib/libcapsicum/libcapsicum_grp.c
  head/lib/libcapsicum/libcapsicum_pwd.c

Modified: head/lib/libcapsicum/libcapsicum_dns.c
==============================================================================
--- head/lib/libcapsicum/libcapsicum_dns.c	Wed Apr 29 22:15:02 2015	(r282251)
+++ head/lib/libcapsicum/libcapsicum_dns.c	Wed Apr 29 22:19:40 2015	(r282252)
@@ -30,6 +30,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
+#include <assert.h>
 #include <netdb.h>
 #include <stdlib.h>
 #include <string.h>
@@ -67,6 +68,8 @@ static struct hostent *
 hostent_unpack(const nvlist_t *nvl, struct hostent *hp)
 {
 	unsigned int ii, nitems;
+	char nvlname[64];
+	int n;
 
 	hostent_free(hp);
 
@@ -81,8 +84,10 @@ hostent_unpack(const nvlist_t *nvl, stru
 	if (hp->h_aliases == NULL)
 		goto fail;
 	for (ii = 0; ii < nitems; ii++) {
+		n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii);
+		assert(n > 0 && n < (int)sizeof(nvlname));
 		hp->h_aliases[ii] =
-		    strdup(nvlist_getf_string(nvl, "alias%u", ii));
+		    strdup(nvlist_get_string(nvl, nvlname));
 		if (hp->h_aliases[ii] == NULL)
 			goto fail;
 	}
@@ -96,7 +101,9 @@ hostent_unpack(const nvlist_t *nvl, stru
 		hp->h_addr_list[ii] = malloc(hp->h_length);
 		if (hp->h_addr_list[ii] == NULL)
 			goto fail;
-		bcopy(nvlist_getf_binary(nvl, NULL, "addr%u", ii),
+		n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		bcopy(nvlist_get_binary(nvl, nvlname, NULL),
 		    hp->h_addr_list[ii], hp->h_length);
 	}
 	hp->h_addr_list[ii] = NULL;
@@ -208,8 +215,9 @@ cap_getaddrinfo(cap_channel_t *chan, con
 	struct addrinfo *firstai, *prevai, *curai;
 	unsigned int ii;
 	const nvlist_t *nvlai;
+	char nvlname[64];
 	nvlist_t *nvl;
-	int error;
+	int error, n;
 
 	nvl = nvlist_create(0);
 	nvlist_add_string(nvl, "cmd", "getaddrinfo");
@@ -237,9 +245,11 @@ cap_getaddrinfo(cap_channel_t *chan, con
 	nvlai = NULL;
 	firstai = prevai = curai = NULL;
 	for (ii = 0; ; ii++) {
-		if (!nvlist_existsf_nvlist(nvl, "res%u", ii))
+		n = snprintf(nvlname, sizeof(nvlname), "res%u", ii);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		if (!nvlist_exists_nvlist(nvl, nvlname))
 			break;
-		nvlai = nvlist_getf_nvlist(nvl, "res%u", ii);
+		nvlai = nvlist_get_nvlist(nvl, nvlname);
 		curai = addrinfo_unpack(nvlai);
 		if (curai == NULL)
 			break;
@@ -314,6 +324,8 @@ cap_dns_type_limit(cap_channel_t *chan, 
 {
 	nvlist_t *limits;
 	unsigned int i;
+	char nvlname[64];
+	int n;
 
 	if (cap_limit_get(chan, &limits) < 0)
 		return (-1);
@@ -321,8 +333,11 @@ cap_dns_type_limit(cap_channel_t *chan, 
 		limits = nvlist_create(0);
 	else
 		limit_remove(limits, "type");
-	for (i = 0; i < ntypes; i++)
-		nvlist_addf_string(limits, types[i], "type%u", i);
+	for (i = 0; i < ntypes; i++) {
+		n = snprintf(nvlname, sizeof(nvlname), "type%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_string(limits, nvlname, types[i]);
+	}
 	return (cap_limit_set(chan, limits));
 }
 
@@ -332,6 +347,8 @@ cap_dns_family_limit(cap_channel_t *chan
 {
 	nvlist_t *limits;
 	unsigned int i;
+	char nvlname[64];
+	int n;
 
 	if (cap_limit_get(chan, &limits) < 0)
 		return (-1);
@@ -340,8 +357,9 @@ cap_dns_family_limit(cap_channel_t *chan
 	else
 		limit_remove(limits, "family");
 	for (i = 0; i < nfamilies; i++) {
-		nvlist_addf_number(limits, (uint64_t)families[i],
-		    "family%u", i);
+		n = snprintf(nvlname, sizeof(nvlname), "type%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_number(limits, nvlname, (uint64_t)families[i]);
 	}
 	return (cap_limit_set(chan, limits));
 }

Modified: head/lib/libcapsicum/libcapsicum_grp.c
==============================================================================
--- head/lib/libcapsicum/libcapsicum_grp.c	Wed Apr 29 22:15:02 2015	(r282251)
+++ head/lib/libcapsicum/libcapsicum_grp.c	Wed Apr 29 22:19:40 2015	(r282252)
@@ -94,9 +94,10 @@ group_unpack_members(const nvlist_t *nvl
     size_t *bufsizep)
 {
 	const char *mem;
-	char **outstrs, *str;
+	char **outstrs, *str, nvlname[64];
 	size_t nmem, datasize, strsize;
 	unsigned int ii;
+	int n;
 
 	if (!nvlist_exists_number(nvl, "gr_nmem")) {
 		datasize = _ALIGNBYTES + sizeof(char *);
@@ -113,7 +114,9 @@ group_unpack_members(const nvlist_t *nvl
 	nmem = (size_t)nvlist_get_number(nvl, "gr_nmem");
 	datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1);
 	for (ii = 0; ii < nmem; ii++) {
-		mem = dnvlist_getf_string(nvl, NULL, "gr_mem[%u]", ii);
+		n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		mem = dnvlist_get_string(nvl, nvlname, NULL);
 		if (mem == NULL)
 			return (EINVAL);
 		datasize += strlen(mem) + 1;
@@ -125,7 +128,9 @@ group_unpack_members(const nvlist_t *nvl
 	outstrs = (char **)_ALIGN(*bufferp);
 	str = (char *)outstrs + sizeof(char *) * (nmem + 1);
 	for (ii = 0; ii < nmem; ii++) {
-		mem = nvlist_getf_string(nvl, "gr_mem[%u]", ii);
+		n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		mem = nvlist_get_string(nvl, nvlname);
 		strsize = strlen(mem) + 1;
 		memcpy(str, mem, strsize);
 		outstrs[ii] = str;
@@ -407,6 +412,8 @@ cap_grp_limit_groups(cap_channel_t *chan
 {
 	nvlist_t *limits, *groups;
 	unsigned int i;
+	char nvlname[64];
+	int n;
 
 	if (cap_limit_get(chan, &limits) < 0)
 		return (-1);
@@ -417,10 +424,16 @@ cap_grp_limit_groups(cap_channel_t *chan
 			nvlist_free_nvlist(limits, "groups");
 	}
 	groups = nvlist_create(0);
-	for (i = 0; i < ngids; i++)
-		nvlist_addf_number(groups, (uint64_t)gids[i], "gid%u", i);
-	for (i = 0; i < nnames; i++)
-		nvlist_addf_string(groups, names[i], "name%u", i);
+	for (i = 0; i < ngids; i++) {
+		n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_number(groups, nvlname, (uint64_t)gids[i]);
+	}
+	for (i = 0; i < nnames; i++) {
+		n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_string(groups, nvlname, names[i]);
+	}
 	nvlist_move_nvlist(limits, "groups", groups);
 	return (cap_limit_set(chan, limits));
 }

Modified: head/lib/libcapsicum/libcapsicum_pwd.c
==============================================================================
--- head/lib/libcapsicum/libcapsicum_pwd.c	Wed Apr 29 22:15:02 2015	(r282251)
+++ head/lib/libcapsicum/libcapsicum_pwd.c	Wed Apr 29 22:19:40 2015	(r282252)
@@ -364,7 +364,9 @@ cap_pwd_limit_users(cap_channel_t *chan,
     size_t nnames, uid_t *uids, size_t nuids)
 {
 	nvlist_t *limits, *users;
+	char nvlname[64];
 	unsigned int i;
+	int n;
 
 	if (cap_limit_get(chan, &limits) < 0)
 		return (-1);
@@ -375,10 +377,16 @@ cap_pwd_limit_users(cap_channel_t *chan,
 			nvlist_free_nvlist(limits, "users");
 	}
 	users = nvlist_create(0);
-	for (i = 0; i < nuids; i++)
-		nvlist_addf_number(users, (uint64_t)uids[i], "uid%u", i);
-	for (i = 0; i < nnames; i++)
-		nvlist_addf_string(users, names[i], "name%u", i);
+	for (i = 0; i < nuids; i++) {
+		n = snprintf(nvlname, sizeof(nvlname), "uid%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_number(users, nvlname, (uint64_t)uids[i]);
+	}
+	for (i = 0; i < nnames; i++) {
+		n = snprintf(nvlname, sizeof(nvlname), "name%u", i);
+		assert(n > 0 && n < (int)sizeof(nvlname));
+		nvlist_add_string(users, nvlname, names[i]);
+	}
 	nvlist_move_nvlist(limits, "users", users);
 	return (cap_limit_set(chan, limits));
 }