Date: Wed, 28 May 2003 08:27:21 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 31981 for review Message-ID: <200305281527.h4SFRLmc027590@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=31981 Change 31981 by rwatson@rwatson_tislabs on 2003/05/28 08:26:27 Re-work MLS label parsing: - Comments are good. - Avoid pointer arithmetic when possible. - Rename variables to be more clear about what they do - Avoid combining assignments, comparisons, and unary operators. The same changes should be applied to Biba as well. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#164 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#164 (text+ko) ==== @@ -639,8 +639,8 @@ static int mac_mls_parse_element(struct mac_mls_element *element, char *string) { - char *p, *tp, *np; - int crange, d, i; + char *compartment, *end, *level; + int i, inset, setbase, value; if (strcmp(string, "high") == 0 || strcmp(string, "hi") == 0) { @@ -656,39 +656,69 @@ element->mme_level = MAC_MLS_TYPE_UNDEF; } else { - d = strtol(string, &p, 10); - if (d < 0 || d > 65535) + element->mme_type = MAC_MLS_TYPE_LEVEL; + + /* + * Numeric level piece of the element. + */ + level = strsep(&string, ":"); + value = strtol(level, &end, 10); + if (end == level || *end != '\0') + return (EINVAL); + if (value < 0 || value > 65535) return (EINVAL); + element->mme_level = value; - element->mme_type = MAC_MLS_TYPE_LEVEL; - element->mme_level = d; - - if (p == string || *p == '\0') + /* + * Optional compartment piece of the element. If none + * are included, we assume that the label has no + * compartments. + */ + if (string == NULL) return (0); - if (*p != ':') - return (EINVAL); - np = ++p; - if (np == NULL || *np == '\0') + if (*string == '\0') return (0); - crange = d = 0; - while ((tp = strsep(&np, "+")) != NULL) { - d = strtol(tp, &p, 10); - if (*p != '\0' || d < 1 || - d > MAC_MLS_MAX_COMPARTMENTS || crange >= d) + + /* + * Because we support a notation that accepts 'X++Y' for a + * set of continuous compartment values, we must keep track + * of the most recent possible start value. Initialize the + * tracking to (-1) to indicate that we don't have a base + * for the set yet. + */ + setbase = -1; + inset = 0; + while ((compartment = strsep(&string, "+")) != NULL) { + if (*compartment == '\0') { + /* No base yet. */ + if (setbase == -1) + return (EINVAL); + /* Already in set. */ + if (inset != 0) + return (EINVAL); + inset = 1; + continue; + } + /* + * An actual entry in the list, possible following + * a continuous compartment set. + */ + value = strtol(compartment, &end, 10); + if (compartment == end || *end != '\0') + return (EINVAL); + if (value < 1 || value > MAC_MLS_MAX_COMPARTMENTS) return (EINVAL); - if (crange > 0) { - for (i = crange; i <= d; i++) + if (inset) { + for (i = setbase; i <= value; i++) { MAC_MLS_BIT_SET(i, element->mme_compartments); - crange = 0; - } - if (np != NULL && *np == '+') { - ++np; - crange = d; + } + inset = 0; } else - MAC_MLS_BIT_SET(d, element->mme_compartments); + MAC_MLS_BIT_SET(value, + element->mme_compartments); + setbase = value; } - } return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305281527.h4SFRLmc027590>