[1/5] checkpolicy/fuzz: drop redundant notdefined check

Commit Message

Christian Göttsche March 11, 2024, 2:57 p.m. UTC

The level_datum_t member notdefined is checked to be 1 during validation
and the fuzzer calls policydb_validate().
Drop the redundant check (as announced in the TODO).

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 checkpolicy/fuzz/checkpolicy-fuzzer.c | 17 -----------------
 1 file changed, 17 deletions(-)

Comments

James Carter March 14, 2024, 1:19 p.m. UTC | #1

On Mon, Mar 11, 2024 at 10:59 AM Christian Göttsche
<cgzones@googlemail.com> wrote:
>
> The level_datum_t member notdefined is checked to be 1 during validation
> and the fuzzer calls policydb_validate().
> Drop the redundant check (as announced in the TODO).
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

For these 5 patches:
Acked-by: James Carter <jwcart2@gmail.com>

> ---
>  checkpolicy/fuzz/checkpolicy-fuzzer.c | 17 -----------------
>  1 file changed, 17 deletions(-)
>
> diff --git a/checkpolicy/fuzz/checkpolicy-fuzzer.c b/checkpolicy/fuzz/checkpolicy-fuzzer.c
> index a3da0b57..f3a17cce 100644
> --- a/checkpolicy/fuzz/checkpolicy-fuzzer.c
> +++ b/checkpolicy/fuzz/checkpolicy-fuzzer.c
> @@ -130,21 +130,6 @@ static int read_source_policy(policydb_t *p, const uint8_t *data, size_t size)
>         return 0;
>  }
>
> -static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
> -{
> -       const level_datum_t *levdatum = (level_datum_t *) datum;
> -
> -       // TODO: drop member defined if proven to be always set
> -       if (!levdatum->isalias && levdatum->notdefined) {
> -               fprintf(stderr,
> -                       "Error:  sensitivity %s was not used in a level definition!\n",
> -                       key);
> -               abort();
> -       }
> -
> -       return 0;
> -}
> -
>  static int write_binary_policy(FILE *outfp, policydb_t *p)
>  {
>         struct policy_file pf;
> @@ -198,8 +183,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
>         if (read_source_policy(&parsepolicydb, data, size))
>                 goto exit;
>
> -       (void) hashtab_map(parsepolicydb.p_levels.table, check_level, NULL);
> -
>         if (parsepolicydb.policy_type == POLICY_BASE) {
>                 if (link_modules(NULL, &parsepolicydb, NULL, 0, VERBOSE))
>                         goto exit;
> --
> 2.43.0
>
>

James Carter March 20, 2024, 8:05 p.m. UTC | #2

On Thu, Mar 14, 2024 at 9:19 AM James Carter <jwcart2@gmail.com> wrote:
>
> On Mon, Mar 11, 2024 at 10:59 AM Christian Göttsche
> <cgzones@googlemail.com> wrote:
> >
> > The level_datum_t member notdefined is checked to be 1 during validation
> > and the fuzzer calls policydb_validate().
> > Drop the redundant check (as announced in the TODO).
> >
> > Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
>
> For these 5 patches:
> Acked-by: James Carter <jwcart2@gmail.com>
>

These 5 patches have been merged.
Thanks,
Jim

> > ---
> >  checkpolicy/fuzz/checkpolicy-fuzzer.c | 17 -----------------
> >  1 file changed, 17 deletions(-)
> >
> > diff --git a/checkpolicy/fuzz/checkpolicy-fuzzer.c b/checkpolicy/fuzz/checkpolicy-fuzzer.c
> > index a3da0b57..f3a17cce 100644
> > --- a/checkpolicy/fuzz/checkpolicy-fuzzer.c
> > +++ b/checkpolicy/fuzz/checkpolicy-fuzzer.c
> > @@ -130,21 +130,6 @@ static int read_source_policy(policydb_t *p, const uint8_t *data, size_t size)
> >         return 0;
> >  }
> >
> > -static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
> > -{
> > -       const level_datum_t *levdatum = (level_datum_t *) datum;
> > -
> > -       // TODO: drop member defined if proven to be always set
> > -       if (!levdatum->isalias && levdatum->notdefined) {
> > -               fprintf(stderr,
> > -                       "Error:  sensitivity %s was not used in a level definition!\n",
> > -                       key);
> > -               abort();
> > -       }
> > -
> > -       return 0;
> > -}
> > -
> >  static int write_binary_policy(FILE *outfp, policydb_t *p)
> >  {
> >         struct policy_file pf;
> > @@ -198,8 +183,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
> >         if (read_source_policy(&parsepolicydb, data, size))
> >                 goto exit;
> >
> > -       (void) hashtab_map(parsepolicydb.p_levels.table, check_level, NULL);
> > -
> >         if (parsepolicydb.policy_type == POLICY_BASE) {
> >                 if (link_modules(NULL, &parsepolicydb, NULL, 0, VERBOSE))
> >                         goto exit;
> > --
> > 2.43.0
> >
> >

Patch

diff --git a/checkpolicy/fuzz/checkpolicy-fuzzer.c b/checkpolicy/fuzz/checkpolicy-fuzzer.c
index a3da0b57..f3a17cce 100644
--- a/checkpolicy/fuzz/checkpolicy-fuzzer.c
+++ b/checkpolicy/fuzz/checkpolicy-fuzzer.c
@@ -130,21 +130,6 @@  static int read_source_policy(policydb_t *p, const uint8_t *data, size_t size)
 	return 0;
 }
 
-static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
-{
-	const level_datum_t *levdatum = (level_datum_t *) datum;
-
-	// TODO: drop member defined if proven to be always set
-	if (!levdatum->isalias && levdatum->notdefined) {
-		fprintf(stderr,
-			"Error:  sensitivity %s was not used in a level definition!\n",
-			key);
-		abort();
-	}
-
-	return 0;
-}
-
 static int write_binary_policy(FILE *outfp, policydb_t *p)
 {
 	struct policy_file pf;
@@ -198,8 +183,6 @@  int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	if (read_source_policy(&parsepolicydb, data, size))
 		goto exit;
 
-	(void) hashtab_map(parsepolicydb.p_levels.table, check_level, NULL);
-
 	if (parsepolicydb.policy_type == POLICY_BASE) {
 		if (link_modules(NULL, &parsepolicydb, NULL, 0, VERBOSE))
 			goto exit;