From owner-p4-projects@FreeBSD.ORG  Thu Dec  1 21:34:17 2005
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 6342916A423; Thu,  1 Dec 2005 21:34:16 +0000 (GMT)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0840C16A41F
	for <perforce@freebsd.org>; Thu,  1 Dec 2005 21:34:16 +0000 (GMT)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C448D43D45
	for <perforce@freebsd.org>; Thu,  1 Dec 2005 21:34:15 +0000 (GMT)
	(envelope-from millert@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id jB1LYFfp084416
	for <perforce@freebsd.org>; Thu, 1 Dec 2005 21:34:15 GMT
	(envelope-from millert@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id jB1LYFWL084413
	for perforce@freebsd.org; Thu, 1 Dec 2005 21:34:15 GMT
	(envelope-from millert@freebsd.org)
Date: Thu, 1 Dec 2005 21:34:15 GMT
Message-Id: <200512012134.jB1LYFWL084413@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	millert@freebsd.org using -f
From: Todd Miller <millert@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 87609 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2005 21:34:17 -0000

http://perforce.freebsd.org/chv.cgi?CH=87609

Change 87609 by millert@millert_g4tower on 2005/12/01 21:33:45

	Call mac_check_name_port_access() with correct args.
	Dynamically alloc buffer instead of using gcc extension

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/libselinux/src/check_context.c#3 (text+ko) ====

@@ -1,24 +1,24 @@
 #include <sys/types.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
 #include <stdlib.h>
-#include <errno.h>
-#include <string.h>
+#include <mach/mach.h>
+#include <mach/security.h>
 #include <selinux/selinux.h>
-#include <limits.h>
 #include <sedarwin/sebsd.h>
-#include <mach/kern_return.h>
-#include <mach/security.h>
 
 int security_check_context(security_context_t con)
 {
 	kern_return_t kr;
-	char buf[strlen(con) + strlen(SEBSD_ID_STRING) + 2];
+	char *buf;
 
-	strcpy(buf, SEBSD_ID_STRING);
-	strcat(buf, "/");
-	strcat(buf, con);
+	if (asprintf(&buf, "%s/%s", SEBSD_ID_STRING, con) == -1)
+		return (-1);
 
-	kr = mac_check_name_port_access(mach_task_self(), mach_task_self(),
-	    buf, "file", "read");
+	kr = mac_check_name_port_access(mach_task_self(), buf, mach_task_self(),
+	    "file", "read");
+	free(buf);
 	if (kr == KERN_INVALID_ARGUMENT)
 		return (-1);
 	else