Date: Thu, 3 Apr 2025 19:32:30 GMT
Message-Id: <202504031932.533JWUOK040608@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Olivier Certner
Subject: git: 8bf992d2ebad - stable/14 - MAC/do: parse_rules(): Tolerate blanks around tokens
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 8bf992d2ebadfe287909be02e6d0a51409597b05
Auto-Submitted: auto-generated

The branch stable/14 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=8bf992d2ebadfe287909be02e6d0a51409597b05

commit 8bf992d2ebadfe287909be02e6d0a51409597b05
Author:     Olivier Certner
AuthorDate: 2024-11-12 17:13:26 +0000
Commit:     Olivier Certner
CommitDate: 2025-04-03 19:31:05 +0000

    MAC/do: parse_rules(): Tolerate blanks around tokens

    To this end, we introduce the strsep_noblanks() function, designed to be
    a drop-in replacement for strsep(), and use it in place of the latter.

    We had taken care of calling strsep() even when the remaining sub-string
    was not delimited (i.e., with empty string as its second argument), so
    this commit only has mechanical replacements of existing calls.

    Reviewed by:    bapt
    Approved by:    markj (mentor)
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D47623

    (cherry picked from commit 4a03b64517b3151064c52e213ebbc068ab1430d1)
---
 sys/security/mac_do/mac_do.c | 61 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 53 insertions(+), 8 deletions(-)

diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c index dc5933930a41..669f0cfefdfb 100644 --- a/sys/security/mac_do/mac_do.c +++ b/sys/security/mac_do/mac_do.c 
@@ -381,6 +381,48 @@ strtoui_strict(const char *const restrict s, const char **const restrict endptr, return (0); } +/* + * strsep() variant skipping spaces and tabs. + * + * Skips spaces and tabs at beginning and end of the token before one of the + * 'delim' characters, i.e., at start of string and just before one of the + * delimiter characters (so it doesn't prevent tokens containing spaces and tabs + * in the middle). + */ +static char * +strsep_noblanks(char **const stringp, const char *delim) +{ + char *p = *stringp; + char *ret, *wsp; + size_t idx; + + if (p == NULL) + return (NULL); + + idx = strspn(p, " \t"); + p += idx; + + ret = strsep(&p, delim); + + /* Rewind spaces/tabs at the end. */ + if (p == NULL) + wsp = ret + strlen(ret); + else + wsp = p - 1; + for (; wsp != ret; --wsp) { + switch (wsp[-1]) { + case ' ': + case '\t': + continue; + } + break; + } + *wsp = '\0'; + + *stringp = p; + return (ret); +} + static void make_parse_error(struct parse_error **const parse_error, const size_t pos, @@ -485,7 +527,7 @@ parse_target_clause(char *to, struct rule *const rule, MPASS(*parse_error == NULL); MPASS(to != NULL); - to_type = strsep(&to, "="); + to_type = strsep_noblanks(&to, "="); MPASS(to_type != NULL); to_type += parse_gid_flags(to_type, &is.flags, &gid_flags); error = parse_id_type(to_type, &type, parse_error); @@ -498,7 +540,7 @@ parse_target_clause(char *to, struct rule *const rule, goto einval; } - to_id = strsep(&to, ""); + to_id = strsep_noblanks(&to, ""); switch (type) { case IT_GID: if (to_id == NULL) { @@ -829,7 +871,7 @@ parse_single_rule(char *rule, struct rules *const rules, /* Freed when the 'struct rules' container is freed. */ new = malloc(sizeof(*new), M_DO, M_WAITOK | M_ZERO); - from_type = strsep(&rule, "="); + from_type = strsep_noblanks(&rule, "="); MPASS(from_type != NULL); /* Because 'rule' was not NULL. */ error = parse_id_type(from_type, &new->from_type, parse_error); if (error != 0) 
@@ -844,7 +886,7 @@ parse_single_rule(char *rule, struct rules *const rules, goto einval; } - from_id = strsep(&rule, ":"); + from_id = strsep_noblanks(&rule, ":"); if (is_null_or_empty(from_id)) { make_parse_error(parse_error, 0, "No ID specified."); goto einval; @@ -869,7 +911,7 @@ parse_single_rule(char *rule, struct rules *const rules, * allows to minimize memory allocations and enables searching IDs in * O(log(n)) instead of linearly. */ - to_list = strsep(&rule, ","); + to_list = strsep_noblanks(&rule, ","); if (to_list == NULL) { make_parse_error(parse_error, 0, "No target list."); goto einval; @@ -882,7 +924,7 @@ parse_single_rule(char *rule, struct rules *const rules, goto einval; } - to_list = strsep(&rule, ","); + to_list = strsep_noblanks(&rule, ","); } while (to_list != NULL); if (new->uids_nb != 0) { @@ -949,7 +991,10 @@ einval: * is "uid" or "gid", an UID or GID (depending on ) and is * "*", "any" or a comma-separated list of '=' clauses (see the * comment for parse_single_rule() for more details). For convenience, empty - * rules are allowed (and do nothing). + * rules are allowed (and do nothing), and spaces and tabs are allowed (and + * removed) around each token (tokens are natural ones, except that + * '' as a whole is considered a single token, so no blanks are + * allowed between '' and ''). * * Examples: * - "uid=1001:uid=1010,gid=1010;uid=1002:any" @@ -982,7 +1027,7 @@ parse_rules(const char *const string, struct rules **const rulesp, MPASS(copy[len] == '\0'); /* Catch some races. */ p = copy; - while ((rule = strsep(&p, ";")) != NULL) { + while ((rule = strsep_noblanks(&p, ";")) != NULL) { if (rule[0] == '\0') continue; error = parse_single_rule(rule, rules, parse_error);
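Review bot: In the first hunk, the header comment of strsep_noblanks() says blanks are skipped "at start of string and just before one of the delimiter characters", but the `p == NULL` branch (`wsp = ret + strlen(ret);`) also trims blanks at the end of an undelimited last token, which is the case every caller passing "" as the delimiter depends on; the comment should state that. The trailing-trim loop would read more directly as `while (wsp != ret && (wsp[-1] == ' ' || wsp[-1] == '\t')) --wsp;` than as a `for` wrapping a `switch` whose `continue` targets the enclosing loop. The blank set is also spelled twice, once as the `" \t"` passed to strspn() and once as the two `case` labels, so a single shared definition would keep the leading and trailing trims from drifting apart.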
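Review bot: In the parse_target_clause() hunk at `to_id = strsep_noblanks(&to, "");`, a target whose ID part consists only of blanks now yields an empty string rather than a string of blanks, while the check visible under `case IT_GID:` tests only `to_id == NULL`. The rest of the switch is outside this hunk, so it is not clear from the diff where the empty case is rejected. parse_single_rule() guards `from_id` with is_null_or_empty(); using the same helper here, or a short comment naming the place that rejects an empty ID, would make the handling of a blank-only target ID explicit.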
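Review bot: In the hunk updating the parse_rules() header comment, the new sentence permits blanks around tokens and forbids them between flags and type, but the "Examples:" list that follows still shows only blank-free rules; adding one accepted example with blanks and one rejected example with a blank between flags and type would make the exception concrete. The diffstat lists only mac_do.c, so no test accompanies the change: a case feeding blank-padded and blank-only rules through parse_rules() would cover the path where a rule trimmed to empty reaches the `rule[0] == '\0'` check in the last hunk.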