Date: Wed, 28 May 2003 08:58:20 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 31982 for review Message-ID: <200305281558.h4SFwKqo033847@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=31982 Change 31982 by rwatson@rwatson_tislabs on 2003/05/28 08:57:19 Mirror MLS element parsing cleanup into Biba: add comments, avoid pointer arithmetic, use more meaningful variable names, avoid concurrent assignment and other operations. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#205 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#205 (text+ko) ==== @@ -675,8 +675,8 @@ static int mac_biba_parse_element(struct mac_biba_element *element, char *string) { - char *p, *tp, *np; - int crange, d, i; + char *compartment, *end, *grade; + int i, inset, setbase, value; if (strcmp(string, "high") == 0 || strcmp(string, "hi") == 0) { @@ -691,37 +691,68 @@ element->mbe_type = MAC_BIBA_TYPE_EQUAL; element->mbe_grade = MAC_BIBA_TYPE_UNDEF; } else { - d = strtol(string, &p, 10); - if (d < 0 || d > 65535) + element->mbe_type = MAC_BIBA_TYPE_GRADE; + + /* + * Numeric grade piece of the element. + */ + grade = strsep(&string, ":"); + value = strtol(grade, &end, 10); + if (end == grade || *end != '\0') + return (EINVAL); + if (value < 0 || value > 65535) return (EINVAL); + element->mbe_grade = value; - element->mbe_type = MAC_BIBA_TYPE_GRADE; - element->mbe_grade = d; - - if (p == string || *p == '\0') + /* + * Optional compartment piece of the element. If none + * are included, we assume that the label has no + * compartments. + */ + if (string == NULL) return (0); - if (*p != ':') - return (EINVAL); - np = ++p; - if (np == NULL || *np == '\0') + if (*string == '\0') return (0); - crange = d = 0; - while ((tp = strsep(&np, "+")) != NULL) { - d = strtol(tp, &p, 10); - if (*p != '\0' || d < 1 || - d > MAC_BIBA_MAX_COMPARTMENTS || crange >= d) + + /* + * Because we support a notation that accepts 'X++Y' for a + * set of continuous compartment values, we must keep track + * of the most recent possible start value. Initialize the + * tracking to (-1) to indicate that we don't have a base + * for the set yet. + */ + setbase = -1; + inset = 0; + while ((compartment = strsep(&string, "+")) != NULL) { + if (*compartment == '\0') { + /* No base yet. */ + if (setbase == -1) + return (EINVAL); + /* Already in set. */ + if (inset != 0) + return (EINVAL); + inset = 1; + continue; + } + /* + * An actual entry in the list, possible following + * a continuous compartment set. + */ + value = strtol(compartment, &end, 10); + if (compartment == end || *end != '\0') + return (EINVAL); + if (value < 1 || value > MAC_BIBA_MAX_COMPARTMENTS) return (EINVAL); - if (crange > 0) { - for (i = crange; i <= d; i++) + if (inset) { + for (i = setbase; i <= value; i++) { MAC_BIBA_BIT_SET(i, element->mbe_compartments); - crange = 0; - } - if (np != NULL && *np == '+') { - ++np; - crange = d; + } + inset = 0; } else - MAC_BIBA_BIT_SET(d, element->mbe_compartments); + MAC_BIBA_BIT_SET(value, + element->mbe_compartments); + setbase = value; } } return (0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305281558.h4SFwKqo033847>