@@ -34,7 +34,7 @@ extern int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a);
extern char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
sepol_access_vector_t av);
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms);
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms);
/*
* The tokenize function may be used to
@@ -1627,7 +1627,7 @@ exit:
#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
-static char *xperms_to_str(avtab_extended_perms_t *xperms)
+static char *xperms_to_str(const avtab_extended_perms_t *xperms)
{
uint16_t value;
uint16_t low_bit;
@@ -1644,8 +1644,7 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms)
}
retry:
- size *= 2;
- if (size == 0)
+ if (__builtin_mul_overflow(size, 2, &size))
goto err;
p = realloc(buffer, size);
if (!p)
@@ -126,7 +126,7 @@ char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms)
{
uint16_t value;
uint16_t low_bit;
@@ -142,8 +142,7 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
return NULL;
retry:
- size *= 2;
- if (size == 0)
+ if (__builtin_mul_overflow(size, 2, &size))
goto err;
p = realloc(buffer, size);
if (!p)
Declare the read-only permission parameter const. Use a more readable overflow check, which is also resilient against changes of the growth factor or initial size. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- libsepol/include/sepol/policydb/util.h | 2 +- libsepol/src/kernel_to_cil.c | 5 ++--- libsepol/src/util.c | 5 ++--- 3 files changed, 5 insertions(+), 7 deletions(-)