External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-23 04:55:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adapt to VIR_STRDUP and VIR_STRNDUP in src/security/*

Browse Source
This commit is contained in:
Michal Privoznik 2013-05-03 14:48:43 +02:00
parent 16251193af
commit aaa42912ae
5 changed files with 35 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/security/security_apparmor.c
View File

@ -445,24 +445,15 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
if ((profile_name = get_profile_name(def)) == NULL)
return rc;
secdef->label = strndup(profile_name, strlen(profile_name));
if (!secdef->label) {
virReportOOMError();
if (VIR_STRDUP(secdef->label, profile_name) < 0)
goto cleanup;
}
/* set imagelabel the same as label (but we won't use it) */
secdef->imagelabel = strndup(profile_name,
strlen(profile_name));
if (!secdef->imagelabel) {
virReportOOMError();
if (VIR_STRDUP(secdef->imagelabel, profile_name) < 0)
goto err;
}
if (!secdef->model && !(secdef->model = strdup(SECURITY_APPARMOR_NAME))) {
virReportOOMError();
if (!secdef->model && VIR_STRDUP(secdef->model, SECURITY_APPARMOR_NAME) < 0)
goto err;
}
/* Now that we have a label, load the profile into the kernel. */
if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {
@ -949,10 +940,7 @@ AppArmorGetMountOptions(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
{
char *opts;
if (!(opts = strdup(""))) {
virReportOOMError();
return NULL;
}
ignore_value(VIR_STRDUP(opts, ""));
return opts;
}

21
src/security/security_dac.c
View File

@ -78,11 +78,8 @@ int parseIds(const char *label, uid_t *uidPtr, gid_t *gidPtr)
char *owner = NULL;
char *group = NULL;
tmp_label = strdup(label);
if (tmp_label == NULL) {
virReportOOMError();
if (VIR_STRDUP(tmp_label, label) < 0)
goto cleanup;
}
/* Split label */
sep = strchr(tmp_label, ':');
@ -1104,18 +1101,10 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr,
return rc;
}
if (!seclabel->norelabel) {
if (seclabel->imagelabel == NULL && seclabel->label != NULL) {
seclabel->imagelabel = strdup(seclabel->label);
if (seclabel->imagelabel == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot generate dac user and group id "
"for domain %s"), def->name);
VIR_FREE(seclabel->label);
seclabel->label = NULL;
return rc;
}
}
if (!seclabel->norelabel && !seclabel->imagelabel &&
VIR_STRDUP(seclabel->imagelabel, seclabel->label) < 0) {
VIR_FREE(seclabel->label);
return rc;
}
return 0;

7
src/security/security_nop.c
View File

@ -20,7 +20,7 @@
#include <config.h>
#include "security_nop.h"
#include "virstring.h"
#include "virerror.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
@ -182,10 +182,7 @@ static char *virSecurityDomainGetMountOptionsNop(virSecurityManagerPtr mgr ATTRI
{
char *opts;
if (!(opts = strdup(""))) {
virReportOOMError();
return NULL;
}
ignore_value(VIR_STRDUP(opts, ""));
return opts;
}

79
src/security/security_selinux.c
View File

@ -203,10 +203,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
goto cleanup;
}
if (!(*sens = strdup(context_range_get(ourContext)))) {
virReportOOMError();
if (VIR_STRDUP(*sens, context_range_get(ourContext)) < 0)
goto cleanup;
}
/* Find and blank out the category part (if any) */
tmp = strchr(*sens, ':');
@ -313,10 +311,7 @@ virSecuritySELinuxContextAddRange(security_context_t src,
goto cleanup;
}
if (!(ret = strdup(str))) {
virReportOOMError();
goto cleanup;
}
ignore_value(VIR_STRDUP(ret, str));
cleanup:
if (srccon) context_free(srccon);
@ -386,10 +381,8 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
_("Unable to format SELinux context"));
goto cleanup;
}
if (!(ret = strdup(str))) {
virReportOOMError();
if (VIR_STRDUP(ret, str) < 0)
goto cleanup;
}
VIR_DEBUG("Generated context '%s'", ret);
cleanup:
freecon(ourSecContext);
@ -452,17 +445,10 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
goto error;
}
data->domain_context = strdup(scon->str);
data->file_context = strdup(tcon->str);
data->content_context = strdup(dcon->str);
if (!data->domain_context ||
!data->file_context ||
!data->content_context) {
virReportSystemError(errno,
_("cannot allocate memory for LXC SELinux contexts '%s'"),
selinux_lxc_contexts_path());
if (VIR_STRDUP(data->domain_context, scon->str) < 0 ||
VIR_STRDUP(data->file_context, tcon->str) < 0 ||
VIR_STRDUP(data->content_context, dcon->str) < 0)
goto error;
}
if (!(data->mcs = virHashCreate(10, NULL)))
goto error;
@ -521,11 +507,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
*ptr = '\0';
ptr++;
if (*ptr != '\0') {
data->alt_domain_context = strdup(ptr);
if (!data->alt_domain_context) {
virReportOOMError();
if (VIR_STRDUP(data->alt_domain_context, ptr) < 0)
goto error;
}
ptr = strchrnul(data->alt_domain_context, '\n');
if (ptr && *ptr == '\n')
*ptr = '\0';
@ -545,11 +528,8 @@ virSecuritySELinuxQEMUInitialize(virSecurityManagerPtr mgr)
ptr = strchrnul(data->file_context, '\n');
if (ptr && *ptr == '\n') {
*ptr = '\0';
data->content_context = strdup(ptr+1);
if (!data->content_context) {
virReportOOMError();
if (VIR_STRDUP(data->content_context, ptr + 1) < 0)
goto error;
}
ptr = strchrnul(data->content_context, '\n');
if (ptr && *ptr == '\n')
*ptr = '\0';
@ -644,11 +624,12 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
}
range = context_range_get(ctx);
if (!range ||
!(mcs = strdup(range))) {
if (!range) {
virReportOOMError();
goto cleanup;
}
if (VIR_STRDUP(mcs, range) < 0)
goto cleanup;
break;
case VIR_DOMAIN_SECLABEL_DYNAMIC:
@ -712,10 +693,8 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
}
if (!seclabel->model &&
!(seclabel->model = strdup(SECURITY_SELINUX_NAME))) {
virReportOOMError();
VIR_STRDUP(seclabel->model, SECURITY_SELINUX_NAME) < 0)
goto cleanup;
}
rc = 0;
@ -1413,10 +1392,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
return -1;
}
} else {
if (!(path = strdup(dev->source.caps.u.storage.block))) {
virReportOOMError();
if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
return -1;
}
}
ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
VIR_FREE(path);
@ -1431,10 +1408,8 @@ virSecuritySELinuxSetSecurityHostdevCapsLabel(virDomainDefPtr def,
return -1;
}
} else {
if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
virReportOOMError();
if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
return -1;
}
}
ret = virSecuritySELinuxSetFilecon(path, secdef->imagelabel);
VIR_FREE(path);
@ -1607,10 +1582,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
return -1;
}
} else {
if (!(path = strdup(dev->source.caps.u.storage.block))) {
virReportOOMError();
if (VIR_STRDUP(path, dev->source.caps.u.storage.block) < 0)
return -1;
}
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
VIR_FREE(path);
@ -1625,10 +1598,8 @@ virSecuritySELinuxRestoreSecurityHostdevCapsLabel(virSecurityManagerPtr mgr,
return -1;
}
} else {
if (!(path = strdup(dev->source.caps.u.misc.chardev))) {
virReportOOMError();
if (VIR_STRDUP(path, dev->source.caps.u.misc.chardev) < 0)
return -1;
}
}
ret = virSecuritySELinuxRestoreSecurityFileLabel(mgr, path);
VIR_FREE(path);
@ -2414,7 +2385,7 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
const char *range;
context_t ctx = NULL;
char *label = NULL;
const char *mcs = NULL;
char *mcs = NULL;
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
if (secdef == NULL)
@ -2428,11 +2399,8 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
}
range = context_range_get(ctx);
if (range) {
mcs = strdup(range);
if (!mcs) {
virReportOOMError();
if (VIR_STRDUP(mcs, range) < 0)
goto cleanup;
}
if (!(label = virSecuritySELinuxGenNewContext(data->file_context,
mcs, true)))
goto cleanup;
@ -2440,9 +2408,9 @@ virSecuritySELinuxGenImageLabel(virSecurityManagerPtr mgr,
}
cleanup:
context_free(ctx);
VIR_FREE(mcs);
return label;
context_free(ctx);
VIR_FREE(mcs);
return label;
}
static char *
@ -2465,11 +2433,8 @@ virSecuritySELinuxGetSecurityMountOptions(virSecurityManagerPtr mgr,
}
}
if (!opts &&
!(opts = strdup(""))) {
virReportOOMError();
if (!opts && VIR_STRDUP(opts, "") < 0)
return NULL;
}
VIR_DEBUG("imageLabel=%s opts=%s",
secdef ? secdef->imagelabel : "(null)", opts);

4
src/security/virt-aa-helper.c
View File

@ -773,7 +773,7 @@ vah_add_file(virBufferPtr buf, const char *path, const char *perms)
return rc;
}
} else
if ((tmp = strdup(path)) == NULL)
if (VIR_STRDUP_QUIET(tmp, path) < 0)
return rc;
if (strchr(perms, 'w') != NULL)
@ -1103,7 +1103,7 @@ vahParseArgv(vahControl * ctl, int argc, char **argv)
break;
case 'f':
case 'F':
if ((ctl->newfile = strdup(optarg)) == NULL)
if (VIR_STRDUP_QUIET(ctl->newfile, optarg) < 0)
vah_error(ctl, 1, _("could not allocate memory for disk"));
ctl->append = arg == 'F';
break;