From patchwork Fri May 12 11:07:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13239126 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4A29BC77B75 for ; Fri, 12 May 2023 11:07:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240333AbjELLHi (ORCPT ); Fri, 12 May 2023 07:07:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239919AbjELLHh (ORCPT ); Fri, 12 May 2023 07:07:37 -0400 Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79F4930DC for ; Fri, 12 May 2023 04:07:36 -0700 (PDT) Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-50bceaf07b8so17915170a12.3 for ; Fri, 12 May 2023 04:07:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1683889655; x=1686481655; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=mfWUcV0M0NL0oIA6gXma0OTQCk5PechLdX2RyNUV3h0=; b=iL6MdKbHpBdAzOVKFAwnsQSzGEjAK4EJ5q63TnG6Xj6AbKQhnO9qmfe2iGpfZ3mdda cfpSPZQWgx0fIymXO1mgXukMirdenhR1ljNWvLujMrRasMXN5ExZNXJR1/IicKMzkaO/ XaYPfiM6sjf/KqwO/PVpu+u6LgVbdictYMHzelDRrFPulXQ7KO3BYCxYb35q34H/Ji3b oJuY7P4fli2R4X/N5A+3Msc5etUnqTgBBPX0kZ1VzP3UZZLJOdobiDwU/rpZzDB+iglf rPTkun8urZT3XLjn8hU5uQe05ycxxUg/vI3EDQcmr3gez+3OXYXQYsqw/M0J7rNJInR2 C3Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683889655; x=1686481655; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=mfWUcV0M0NL0oIA6gXma0OTQCk5PechLdX2RyNUV3h0=; b=l24Ce/3CIkocVkxnf9hx9S8FHN8Kcyg2Qq8nXlnHWatbHvxjF3tSb+HMh+bE+p5JZU Y2jMAKap+VdtzJ0B86xQroAne+jF73dMH0yVz00iWPGCRhtkIlVauBFQFp3BBMlPjdCY zpael8CwYdJVpg+v37RhgXDo2UWF3qupsjaaqvl7NVu0wW6waVlObPvUTPSsy1SnuVmu 2lh9Iz9l6QQJvkw7QdtDNYm6gzLMlRYSftNwTZr/Ppn6mlNU7Fjksaouiz2sUhyUWpNu LtnhLNedKsQKnjry/5pXWMu4/nArpcsn/hEf8DPBpzKmHJOiP4JgtnoL40OqyA5HDdQC /OPg== X-Gm-Message-State: AC+VfDyM5ZaFSTlNygUMmtIBm40HYnKUwJNDY3zSV9bu+6F0s7AdEDEM aBHd2BTyujr/xkdVeb8StA8UqGkIW3P0aA== X-Google-Smtp-Source: ACHHUZ6dIMBfqANUQtzNVSclcpX0fbNBgcVGduR+Qy6acDaM33IvO1ihN1fvLSgDrGeNbpdWwljPaw== X-Received: by 2002:aa7:c586:0:b0:50d:b92e:d1dc with SMTP id g6-20020aa7c586000000b0050db92ed1dcmr10058258edq.14.1683889654687; Fri, 12 May 2023 04:07:34 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-116-181-041.95.116.pool.telefonica.de. [95.116.181.41]) by smtp.gmail.com with ESMTPSA id o11-20020aa7c7cb000000b0050bde945c00sm3812016eds.78.2023.05.12.04.07.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 May 2023 04:07:34 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [RFC PATCH 1/4] semodule_expand: update Date: Fri, 12 May 2023 13:07:27 +0200 Message-Id: <20230512110730.78672-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Drop unnecessary declarations. Reduce scope of file global variable. Mention -v argument in help usage message. More strict integer conversion. More strict argument count checking. Check closing file for incomplete write. Rework resource cleanup, so that all files and allocated memory are released in all branches, useful to minimize reports while debugging libsepol under valgrind(8) or sanitizers. Signed-off-by: Christian Göttsche --- .../semodule_expand/semodule_expand.c | 91 +++++++++++-------- 1 file changed, 55 insertions(+), 36 deletions(-) diff --git a/semodule-utils/semodule_expand/semodule_expand.c b/semodule-utils/semodule_expand/semodule_expand.c index 895cdd78..8d9feb05 100644 --- a/semodule-utils/semodule_expand/semodule_expand.c +++ b/semodule-utils/semodule_expand/semodule_expand.c @@ -21,30 +21,24 @@ #include #include -extern char *optarg; -extern int optind; - -int policyvers = 0; - #define EXPANDPOLICY_VERSION "1.0" static __attribute__((__noreturn__)) void usage(const char *program_name) { - printf("usage: %s [-V -a -c [version]] basemodpkg outputfile\n", + printf("usage: %s [-V -a -c [version] -v] basemodpkg outputfile\n", program_name); exit(1); } int main(int argc, char **argv) { - char *basename, *outname; - int ch, ret, show_version = 0, verbose = 0; - struct sepol_policy_file *pf; - sepol_module_package_t *base; - sepol_policydb_t *out, *p; - FILE *fp, *outfile; - int check_assertions = 1; - sepol_handle_t *handle; + const char *basename, *outname; + int ch, ret, show_version = 0, verbose = 0, policyvers = 0, check_assertions = 1; + struct sepol_policy_file *pf = NULL; + sepol_module_package_t *base = NULL; + sepol_policydb_t *out = NULL, *p; + FILE *fp = NULL, *outfile = NULL; + sepol_handle_t *handle = NULL; while ((ch = getopt(argc, argv, "c:Vva")) != EOF) { switch (ch) { @@ -55,13 +49,15 @@ int main(int argc, char **argv) verbose = 1; break; case 'c':{ - long int n = strtol(optarg, NULL, 10); + long int n; + + errno = 0; + n = strtol(optarg, NULL, 10); if (errno) { fprintf(stderr, "%s: Invalid policyvers specified: %s\n", argv[0], optarg); usage(argv[0]); - exit(1); } if (n < sepol_policy_kern_vers_min() || n > sepol_policy_kern_vers_max()) { @@ -71,7 +67,6 @@ int main(int argc, char **argv) sepol_policy_kern_vers_min(), sepol_policy_kern_vers_max()); usage(argv[0]); - exit(1); } policyvers = n; break; @@ -96,7 +91,7 @@ int main(int argc, char **argv) } /* check args */ - if (argc < 3 || !(optind != (argc - 1))) { + if (argc < 3 || argc - optind != 2) { fprintf(stderr, "%s: You must provide the base module package and output filename\n", argv[0]); @@ -107,69 +102,74 @@ int main(int argc, char **argv) outname = argv[optind]; handle = sepol_handle_create(); - if (!handle) - exit(1); + if (!handle) { + fprintf(stderr, "%s: Out of memory\n", argv[0]); + goto failure; + } if (sepol_policy_file_create(&pf)) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + goto failure; } /* read the base module */ if (sepol_module_package_create(&base)) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + goto failure; } + fp = fopen(basename, "r"); if (!fp) { fprintf(stderr, "%s: Can't open '%s': %s\n", argv[0], basename, strerror(errno)); - exit(1); + goto failure; } + sepol_policy_file_set_fp(pf, fp); ret = sepol_module_package_read(base, pf, 0); if (ret) { fprintf(stderr, "%s: Error in reading package from %s\n", argv[0], basename); - exit(1); + goto failure; } + fclose(fp); + fp = NULL; /* linking the base takes care of enabling optional avrules */ p = sepol_module_package_get_policy(base); if (sepol_link_modules(handle, p, NULL, 0, 0)) { fprintf(stderr, "%s: Error while enabling avrules\n", argv[0]); - exit(1); + goto failure; } /* create the output policy */ if (sepol_policydb_create(&out)) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + goto failure; } sepol_set_expand_consume_base(handle, 1); if (sepol_expand_module(handle, p, out, verbose, check_assertions)) { fprintf(stderr, "%s: Error while expanding policy\n", argv[0]); - exit(1); + goto failure; } if (policyvers) { if (sepol_policydb_set_vers(out, policyvers)) { fprintf(stderr, "%s: Invalid version %d\n", argv[0], policyvers); - exit(1); + goto failure; } } - sepol_module_package_free(base); - outfile = fopen(outname, "w"); if (!outfile) { - perror(outname); - exit(1); + fprintf(stderr, "%s: Can't open '%s': %s\n", + argv[0], outname, strerror(errno)); + goto failure; } sepol_policy_file_set_fp(pf, outfile); @@ -178,12 +178,31 @@ int main(int argc, char **argv) fprintf(stderr, "%s: Error while writing expanded policy to %s\n", argv[0], outname); - exit(1); + goto failure; } - fclose(outfile); - sepol_handle_destroy(handle); + + ret = fclose(outfile); + outfile = NULL; + if (ret) { + fprintf(stderr, "%s: Error closing policy file %s: %s\n", + argv[0], outname, strerror(errno)); + goto failure; + } + + ret = EXIT_SUCCESS; +cleanup: + if (outfile) + fclose(outfile); sepol_policydb_free(out); + if (fp) + fclose(fp); + sepol_module_package_free(base); sepol_policy_file_free(pf); + sepol_handle_destroy(handle); + + return ret; - return 0; +failure: + ret = EXIT_FAILURE; + goto cleanup; } From patchwork Fri May 12 11:07:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13239127 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8E362C77B7F for ; Fri, 12 May 2023 11:07:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239919AbjELLHj (ORCPT ); Fri, 12 May 2023 07:07:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34594 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240091AbjELLHi (ORCPT ); Fri, 12 May 2023 07:07:38 -0400 Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2FB7F10C for ; Fri, 12 May 2023 04:07:37 -0700 (PDT) Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-965ddb2093bso1413727066b.2 for ; Fri, 12 May 2023 04:07:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1683889655; x=1686481655; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=nFiuVsxKFUZx7E8GAEhGTXPdCZlmj4NaqGM1VUvD2lI=; b=HWq9iz6IIfax5hFx+D0bhpy55tEWPaF7EogLMClVadfVq7W/9fQdEB3ySxwbWMd6td KbGi8HSTxpAO8e7Qx1ULS9SWGg5o4tb6w6Wy/XJtnE3uCZHiGJowYBRIxgyQWRS6YhJ6 Kwpg1BeMcWf9wRIawz8keP7AYyNnNvfrBYBMpQqW8VXwY0BLmY9RZVfH0En1zTRmmMi+ kLP1s6FHve+WgUQe+EmdKsTSh++RGzpwnRIaJTMxMvfpfCUJhKfPRlveE7qcBszQHXqb yZMzkfOGvpphOw4zof8fGzq40F3zG87/bPelUgCMM8Y9iVPDLIPU2NKadcK/UjJN4acC 6FMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683889655; x=1686481655; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nFiuVsxKFUZx7E8GAEhGTXPdCZlmj4NaqGM1VUvD2lI=; b=iILSY05CihIfb+Z01n6YwM/gSm5df+7fFwPQZIHIXWZLPOUIjJ1Eyf6YfOMmeu0c0R oW24OIUk1CUQ5KWyeXn+LhvqelpTkn37EB24n60DFvPftPWhXkjNKT31YzeNBq3V7bxh WEMiRrwSoVBTj9v5xY40e3pzKfmIL0G95pX3fxkm93zwyyboZvJzT/ehgonU3EaPTOEE ghNE8c7Rwsc2KuxihF3bx9ChOaWWe4b8JPVkqNx6P6hwTX0aW1b5/uqK3TbSYm3FE4H7 tcnZVqkLv0tO9MF7zmpGXYbtttymshT+3eL3WLqn06NtlouzGfnsCPkh5GG94yf3du0p Uyiw== X-Gm-Message-State: AC+VfDzFg8rQ5AQDYXhLmoHAWKW/kkXMJx2FMILuN9JQ5wM2mKXrKw9Y 42HN7IDY7TZ6tVNFl2/scaX4wRXIPkRIEw== X-Google-Smtp-Source: ACHHUZ7kn6PMENFEZIf86XfN7Nu9nOK+3plONmJhMXxZu3yxlvnIgeAB7g/2QTxWKq2S6XUEXT2Hdw== X-Received: by 2002:a17:907:9488:b0:96a:a0fd:d43e with SMTP id dm8-20020a170907948800b0096aa0fdd43emr1953720ejc.49.1683889655371; Fri, 12 May 2023 04:07:35 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-116-181-041.95.116.pool.telefonica.de. [95.116.181.41]) by smtp.gmail.com with ESMTPSA id o11-20020aa7c7cb000000b0050bde945c00sm3812016eds.78.2023.05.12.04.07.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 May 2023 04:07:34 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [RFC PATCH 2/4] semodule_link: update Date: Fri, 12 May 2023 13:07:28 +0200 Message-Id: <20230512110730.78672-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230512110730.78672-1-cgzones@googlemail.com> References: <20230512110730.78672-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Drop unnecessary declarations. More verbose error messages and add missing trailing newline. More strict argument count checking. Check closing file for incomplete write. Rework resource cleanup, so that all files and allocated memory are released in all branches, useful to minimize reports while debugging libsepol under valgrind(8) or sanitizers. Signed-off-by: Christian Göttsche --- semodule-utils/semodule_link/semodule_link.c | 65 ++++++++++++-------- 1 file changed, 38 insertions(+), 27 deletions(-) diff --git a/semodule-utils/semodule_link/semodule_link.c b/semodule-utils/semodule_link/semodule_link.c index 38a6843c..58a82cb0 100644 --- a/semodule-utils/semodule_link/semodule_link.c +++ b/semodule-utils/semodule_link/semodule_link.c @@ -21,9 +21,7 @@ #define LINKPOLICY_VERSION "1.0" -char *progname; -extern char *optarg; -extern int optind; +static const char *progname; static __attribute__((__noreturn__)) void usage(const char *program_name) { @@ -32,7 +30,7 @@ static __attribute__((__noreturn__)) void usage(const char *program_name) exit(1); } -static sepol_module_package_t *load_module(char *filename) +static sepol_module_package_t *load_module(const char *filename) { int ret; FILE *fp = NULL; @@ -49,7 +47,7 @@ static sepol_module_package_t *load_module(char *filename) } fp = fopen(filename, "r"); if (!fp) { - fprintf(stderr, "%s: Could not open package %s: %s", progname, + fprintf(stderr, "%s: Could not open package %s: %s\n", progname, filename, strerror(errno)); goto bad; } @@ -76,11 +74,10 @@ static sepol_module_package_t *load_module(char *filename) int main(int argc, char **argv) { - int ch, i, show_version = 0, verbose = 0, num_mods; - char *basename, *outname = NULL; - sepol_module_package_t *base, **mods; - FILE *outfile; - struct sepol_policy_file *pf; + int ch, i, ret, show_version = 0, verbose = 0, num_mods = 0; + const char *basename, *outname = NULL; + sepol_module_package_t *base = NULL, **mods = NULL; + struct sepol_policy_file *pf = NULL; progname = argv[0]; @@ -106,7 +103,7 @@ int main(int argc, char **argv) } /* check args */ - if (argc < 3 || !(optind != (argc - 1))) { + if (argc < 3 || optind + 2 > argc) { fprintf(stderr, "%s: You must provide the base module package and at least one other module package\n", argv[0]); @@ -119,18 +116,15 @@ int main(int argc, char **argv) fprintf(stderr, "%s: Could not load base module from file %s\n", argv[0], basename); - exit(1); + goto failure; } num_mods = argc - optind; - mods = - (sepol_module_package_t **) malloc(sizeof(sepol_module_package_t *) - * num_mods); + mods = calloc(num_mods, sizeof(sepol_module_package_t *)); if (!mods) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + goto failure; } - memset(mods, 0, sizeof(sepol_module_package_t *) * num_mods); for (i = 0; optind < argc; optind++, i++) { mods[i] = load_module(argv[optind]); @@ -138,39 +132,56 @@ int main(int argc, char **argv) fprintf(stderr, "%s: Could not load module from file %s\n", argv[0], argv[optind]); - exit(1); + goto failure; } } if (sepol_link_packages(NULL, base, mods, num_mods, verbose)) { fprintf(stderr, "%s: Error while linking packages\n", argv[0]); - exit(1); + goto failure; } if (outname) { - outfile = fopen(outname, "w"); + FILE *outfile = fopen(outname, "w"); if (!outfile) { - perror(outname); - exit(1); + fprintf(stderr, "%s: Could not open output file %s: %s\n", + progname, outname, strerror(errno)); + goto failure; } if (sepol_policy_file_create(&pf)) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + fclose(outfile); + goto failure; } sepol_policy_file_set_fp(pf, outfile); if (sepol_module_package_write(base, pf)) { fprintf(stderr, "%s: Error writing linked package.\n", argv[0]); - exit(1); + sepol_policy_file_free(pf); + fclose(outfile); + goto failure; } sepol_policy_file_free(pf); - fclose(outfile); + + if (fclose(outfile)) { + fprintf(stderr, "%s: Error closing linked package: %s\n", + argv[0], strerror(errno)); + goto failure; + } } - sepol_module_package_free(base); + ret = EXIT_SUCCESS; + +cleanup: for (i = 0; i < num_mods; i++) sepol_module_package_free(mods[i]); free(mods); - exit(0); + sepol_module_package_free(base); + + return ret; + +failure: + ret = EXIT_FAILURE; + goto cleanup; } From patchwork Fri May 12 11:07:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13239129 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE96DC77B7C for ; Fri, 12 May 2023 11:07:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240546AbjELLHk (ORCPT ); Fri, 12 May 2023 07:07:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34604 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240091AbjELLHk (ORCPT ); Fri, 12 May 2023 07:07:40 -0400 Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF8414C1F for ; Fri, 12 May 2023 04:07:37 -0700 (PDT) Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-50bc22805d3so14864813a12.1 for ; Fri, 12 May 2023 04:07:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1683889656; x=1686481656; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=CE2efAKMBmF3jP0rKtjqoFVIPFNvp/HlcNe0SSC0aD4=; b=Qunp6CUpgIpLMmIhIsRXXkyjw4f3O8n0NyaTLiXGKqoJ+CZOUon4gNdjXnsfRqdjjm SW65vGFsDZMtRhhgjulanV0zUAAaD4QBs59/oVhd3obGQzh8jkpgJe0raQlDdy7VwAmT PbWaneezsoDTWwR114cPJAOxUug0TtnBgWXXm6b2pe9tkqVmtbh+uAHpQ0v0ImNs7hPo GVHplaUt7szcwKUtAa48Dkxlm5o5CVdjIEVi+0yopAVp5ZOAOy4EjG6hyqiQniTYPfiT IXePz4z115MHAK4f/q/KVs4B14GWzvYf7Vcx+UwpOKl8GH6I/XXUymWNQgM4LtG5vLR1 EnUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683889656; x=1686481656; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CE2efAKMBmF3jP0rKtjqoFVIPFNvp/HlcNe0SSC0aD4=; b=VJI1UNZDcOYK+diyCxhq0xNWFKCyPat8NtZ6k3GCwEQAmaUSrgU0bIHTaXZak1N+nI Cj/LCnNIoRNSLGNLUUFglSMUwjlJlwyrd89PBo6v7RBRqOlDIEC9vy0kRibRQklYQXO1 QB1SmUe5o4bxDNP7NDyA/aBLFSbBupXiLYFT/yuJDfOsJBwf8VByhrNFMgwOVUQVlCq3 uglX5ibMeexdyjs8ulAhYk8g03ug0ssypZ2E4GYfjWh7ZTzZFQSXGoztZu98WV3tMmL4 O48o9nIftwmueZlorzHcLYPnFQgO3kQFIhKCMcZ1mtPnzeZcdlA7HNFE3px65acKDvGR IbVg== X-Gm-Message-State: AC+VfDwPSDY6fFR+jaMLuSU/IAslmAk2iebHA18HFVDMpEncls9L/clp neQfY8pCHvkAcAEhdo8IHUTWvf+DuolFRg== X-Google-Smtp-Source: ACHHUZ64RJtDnPfOx3r2Jt5SbkGCowDYTzys7gpVJuFFKTZKpumFm6Y60TwTJCAQ6Pad3JkEfBbsAw== X-Received: by 2002:a05:6402:150e:b0:50d:dcaa:6b7f with SMTP id f14-20020a056402150e00b0050ddcaa6b7fmr6783828edw.20.1683889656112; Fri, 12 May 2023 04:07:36 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-116-181-041.95.116.pool.telefonica.de. [95.116.181.41]) by smtp.gmail.com with ESMTPSA id o11-20020aa7c7cb000000b0050bde945c00sm3812016eds.78.2023.05.12.04.07.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 May 2023 04:07:35 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [RFC PATCH 3/4] semodule_package: update Date: Fri, 12 May 2023 13:07:29 +0200 Message-Id: <20230512110730.78672-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230512110730.78672-1-cgzones@googlemail.com> References: <20230512110730.78672-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Drop unnecessary declarations. Add missing error messages. More strict command line argument parsing. Check closing file for incomplete write. Rework resource cleanup, so that all files and allocated memory are released in all branches, useful to minimize reports while debugging libsepol under valgrind(8) or sanitizers. Signed-off-by: Christian Göttsche --- .../semodule_package/semodule_package.c | 203 +++++++++++------- 1 file changed, 125 insertions(+), 78 deletions(-) diff --git a/semodule-utils/semodule_package/semodule_package.c b/semodule-utils/semodule_package/semodule_package.c index bc8584b5..7485e254 100644 --- a/semodule-utils/semodule_package/semodule_package.c +++ b/semodule-utils/semodule_package/semodule_package.c @@ -19,8 +19,7 @@ #include #include -char *progname = NULL; -extern char *optarg; +static const char *progname = NULL; static __attribute__((__noreturn__)) void usage(const char *prog) { @@ -37,26 +36,6 @@ static __attribute__((__noreturn__)) void usage(const char *prog) exit(1); } -static int file_to_policy_file(const char *filename, struct sepol_policy_file **pf, - const char *mode) -{ - FILE *f; - - if (sepol_policy_file_create(pf)) { - fprintf(stderr, "%s: Out of memory\n", progname); - return -1; - } - - f = fopen(filename, mode); - if (!f) { - fprintf(stderr, "%s: Could not open file %s: %s\n", progname, - strerror(errno), filename); - return -1; - } - sepol_policy_file_set_fp(*pf, f); - return 0; -} - static int file_to_data(const char *path, char **data, size_t * len) { int fd; @@ -94,17 +73,18 @@ static int file_to_data(const char *path, char **data, size_t * len) int main(int argc, char **argv) { - struct sepol_module_package *pkg; - struct sepol_policy_file *mod, *out; + struct sepol_module_package *pkg = NULL; + struct sepol_policy_file *mod = NULL, *out = NULL; + FILE *fp = NULL; char *module = NULL, *file_contexts = NULL, *seusers = NULL, *user_extra = NULL; char *fcdata = NULL, *outfile = NULL, *seusersdata = NULL, *user_extradata = NULL; char *netfilter_contexts = NULL, *ncdata = NULL; size_t fclen = 0, seuserslen = 0, user_extralen = 0, nclen = 0; - int i; + int i, ret; - static struct option opts[] = { + const struct option opts[] = { {"module", required_argument, NULL, 'm'}, {"fc", required_argument, NULL, 'f'}, {"seuser", required_argument, NULL, 's'}, @@ -115,11 +95,12 @@ int main(int argc, char **argv) {NULL, 0, NULL, 0} }; + progname = argv[0]; + while ((i = getopt_long(argc, argv, "m:f:s:u:o:n:h", opts, NULL)) != -1) { switch (i) { case 'h': - usage(argv[0]); - exit(0); + usage(progname); case 'm': if (module) { fprintf(stderr, @@ -127,8 +108,10 @@ int main(int argc, char **argv) exit(1); } module = strdup(optarg); - if (!module) + if (!module) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; case 'f': if (file_contexts) { @@ -137,8 +120,10 @@ int main(int argc, char **argv) exit(1); } file_contexts = strdup(optarg); - if (!file_contexts) + if (!file_contexts) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; case 'o': if (outfile) { @@ -147,8 +132,10 @@ int main(int argc, char **argv) exit(1); } outfile = strdup(optarg); - if (!outfile) + if (!outfile) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; case 's': if (seusers) { @@ -157,8 +144,10 @@ int main(int argc, char **argv) exit(1); } seusers = strdup(optarg); - if (!seusers) + if (!seusers) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; case 'u': if (user_extra) { @@ -167,8 +156,10 @@ int main(int argc, char **argv) exit(1); } user_extra = strdup(optarg); - if (!user_extra) + if (!user_extra) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; case 'n': if (netfilter_contexts) { @@ -177,88 +168,144 @@ int main(int argc, char **argv) exit(1); } netfilter_contexts = strdup(optarg); - if (!netfilter_contexts) + if (!netfilter_contexts) { + fprintf(stderr, "%s: Out of memory\n", progname); exit(1); + } break; + case '?': + usage(progname); + default: + fprintf(stderr, "%s: Unsupported getopt return code: %d\n", progname, i); + usage(progname); } } - progname = argv[0]; - - if (!module || !outfile) { - usage(argv[0]); - exit(0); + if (optind < argc) { + fprintf(stderr, "%s: Superfluous command line arguments: ", progname); + while (optind < argc) + fprintf(stderr, "%s ", argv[optind++]); + fprintf(stderr, "\n"); + usage(progname); } - if (file_contexts) { - if (file_to_data(file_contexts, &fcdata, &fclen)) - exit(1); - } + if (!module || !outfile) + usage(progname); - if (seusers) { - if (file_to_data(seusers, &seusersdata, &seuserslen)) - exit(1); - } + if (file_contexts && file_to_data(file_contexts, &fcdata, &fclen)) + goto failure; - if (user_extra) { - if (file_to_data(user_extra, &user_extradata, &user_extralen)) - exit(1); - } + if (seusers && file_to_data(seusers, &seusersdata, &seuserslen)) + goto failure; + + if (user_extra && file_to_data(user_extra, &user_extradata, &user_extralen)) + goto failure; - if (netfilter_contexts) { - if (file_to_data(netfilter_contexts, &ncdata, &nclen)) - exit(1); + if (netfilter_contexts && file_to_data(netfilter_contexts, &ncdata, &nclen)) + goto failure; + + if (sepol_policy_file_create(&mod)) { + fprintf(stderr, "%s: Out of memory\n", progname); + goto failure; } - if (file_to_policy_file(module, &mod, "r")) - exit(1); + fp = fopen(module, "r"); + if (!fp) { + fprintf(stderr, "%s: Could not open file %s: %s\n", progname, + module, strerror(errno)); + goto failure; + } + sepol_policy_file_set_fp(mod, fp); if (sepol_module_package_create(&pkg)) { fprintf(stderr, "%s: Out of memory\n", argv[0]); - exit(1); + goto failure; } if (sepol_policydb_read(sepol_module_package_get_policy(pkg), mod)) { fprintf(stderr, "%s: Error while reading policy module from %s\n", argv[0], module); - exit(1); + goto failure; } - if (fclen) - sepol_module_package_set_file_contexts(pkg, fcdata, fclen); + fclose(fp); + fp = NULL; - if (seuserslen) - sepol_module_package_set_seusers(pkg, seusersdata, seuserslen); + if (fclen && sepol_module_package_set_file_contexts(pkg, fcdata, fclen)) { + fprintf(stderr, "%s: Error while setting file contexts\n", progname); + goto failure; + } - if (user_extra) - sepol_module_package_set_user_extra(pkg, user_extradata, - user_extralen); + if (seuserslen && sepol_module_package_set_seusers(pkg, seusersdata, seuserslen)) { + fprintf(stderr, "%s: Error while setting seusers\n", progname); + goto failure; + } - if (nclen) - sepol_module_package_set_netfilter_contexts(pkg, ncdata, nclen); + if (user_extra && sepol_module_package_set_user_extra(pkg, user_extradata, user_extralen)) { + fprintf(stderr, "%s: Error while setting extra users\n", progname); + goto failure; + } + + if (nclen && sepol_module_package_set_netfilter_contexts(pkg, ncdata, nclen)) { + fprintf(stderr, "%s: Error while setting netfilter contexts\n", progname); + goto failure; + } + + if (sepol_policy_file_create(&out)) { + fprintf(stderr, "%s: Out of memory\n", progname); + goto failure; + } - if (file_to_policy_file(outfile, &out, "w")) - exit(1); + fp = fopen(outfile, "w"); + if (!fp) { + fprintf(stderr, "%s: Could not open file %s: %s\n", progname, + outfile, strerror(errno)); + goto failure; + } + sepol_policy_file_set_fp(out, fp); if (sepol_module_package_write(pkg, out)) { fprintf(stderr, "%s: Error while writing module package to %s\n", argv[0], argv[1]); - exit(1); + goto failure; } - if (fclen) - munmap(fcdata, fclen); + ret = fclose(fp); + fp = NULL; + if (ret) { + fprintf(stderr, "%s: Could not close file %s: %s\n", progname, + outfile, strerror(errno)); + goto failure; + } + + ret = EXIT_SUCCESS; + +cleanup: + if (fp) + fclose(fp); + sepol_policy_file_free(out); if (nclen) munmap(ncdata, nclen); - sepol_policy_file_free(mod); - sepol_policy_file_free(out); + if (user_extradata) + munmap(user_extradata, user_extralen); + if (seuserslen) + munmap(seusersdata, seuserslen); + if (fclen) + munmap(fcdata, fclen); sepol_module_package_free(pkg); - free(file_contexts); + sepol_policy_file_free(mod); + free(netfilter_contexts); + free(user_extra); + free(seusers); free(outfile); + free(file_contexts); free(module); - free(seusers); - free(user_extra); - exit(0); + + return ret; + +failure: + ret = EXIT_FAILURE; + goto cleanup; } From patchwork Fri May 12 11:07:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13239128 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F2D8C7EE25 for ; Fri, 12 May 2023 11:07:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240360AbjELLHl (ORCPT ); Fri, 12 May 2023 07:07:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240338AbjELLHk (ORCPT ); Fri, 12 May 2023 07:07:40 -0400 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1B2730DC for ; Fri, 12 May 2023 04:07:38 -0700 (PDT) Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-50bd875398dso14779320a12.1 for ; Fri, 12 May 2023 04:07:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1683889657; x=1686481657; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=HayLvsHKcvOwnYP2GdxtAfynefSInfGAezvE5JgeD78=; b=VNwJRUCQE93qXuznfocS2kXFY+VA85Qz7mJPHGSFaZoBihq3dO0WMyIm/yZS1daPFM ygOw8ifxM5jLsxnZTmGYzh7wzGcJT0w1vEpKXKS1LDjWbn+MCPeCfEvxgBRUegBtBgqf rZNqyU6idBA7JjmhGet1Lmrh/sNHA5IsttOloLB/egrqKMCAtDfJH5iROd3yl5ebUeoH nSPdPNNC8qy8zM5wbaorPw6RvW+QmaEE5ZVNfay7/2A4lhdNN3iDeG4j88dBGwEEayo0 ctdUsG7ar6ZJE4ZQ5JTS2/EBfMGaqU3xFqcgnYPWPBDxRi9njwYVYygX98cG2iMFkKAz Zk+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683889657; x=1686481657; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HayLvsHKcvOwnYP2GdxtAfynefSInfGAezvE5JgeD78=; b=SIdPGqbRaseeGbifx94lGfaTnMSgw7NPcess9in4lo7OAksfeK8Tdq0lhTyrba5W+g Vw035LtevKowYDO7c+suBD9M/qK1Pv0S1TPuq7W4s1VZj1aro+UvzQDS3jvMcCF+VIKq MoCivl2Wi9Hdv/KP2S3238SoJZOSIQvazTFRWShIBfLyjeqFVK5HaAuYxxUixBHgiUhv diz/fl9swiC9uvXnF8HQgM3D6A1GyLoXxxLSvLTlGy5sAAbK7NWPFfEHL5AZGQJC60uR P2RLLKGjtLrDNSMzPlXf9SUTL7aGN6IV9sYNORFmO6QmOQvRpou0P+hr3J1e/eKvoq+g aCSQ== X-Gm-Message-State: AC+VfDwFPptujTe0GtKE84QXjMk/KgZ1T9gYWAr4YLFkBSD6tenDJoa2 O/Z6RsZW1i4Qxkh400OvL7q1MMp6e7wqKQ== X-Google-Smtp-Source: ACHHUZ4RFHPY6Ju1xvV9EdkyP63UDrvKo7BofPxquSMb/2WaMtT1i/+BDNkUXGb6pjOC0JHK/1JKLA== X-Received: by 2002:a17:907:7d91:b0:969:e304:7a1d with SMTP id oz17-20020a1709077d9100b00969e3047a1dmr14119012ejc.50.1683889656812; Fri, 12 May 2023 04:07:36 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-116-181-041.95.116.pool.telefonica.de. [95.116.181.41]) by smtp.gmail.com with ESMTPSA id o11-20020aa7c7cb000000b0050bde945c00sm3812016eds.78.2023.05.12.04.07.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 May 2023 04:07:36 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [RFC PATCH 4/4] semodule_unpackage: update Date: Fri, 12 May 2023 13:07:30 +0200 Message-Id: <20230512110730.78672-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230512110730.78672-1-cgzones@googlemail.com> References: <20230512110730.78672-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Drop unnecessary declarations. Check closing file for incomplete write. Rework resource cleanup, so that all files and allocated memory are released in all branches, useful to minimize reports while debugging libsepol under valgrind(8) or sanitizers. Signed-off-by: Christian Göttsche --- .../semodule_package/semodule_unpackage.c | 122 +++++++++++------- 1 file changed, 75 insertions(+), 47 deletions(-) diff --git a/semodule-utils/semodule_package/semodule_unpackage.c b/semodule-utils/semodule_package/semodule_unpackage.c index b8c4fbce..21c97953 100644 --- a/semodule-utils/semodule_package/semodule_unpackage.c +++ b/semodule-utils/semodule_package/semodule_unpackage.c @@ -11,8 +11,7 @@ #include #include -char *progname = NULL; -extern char *optarg; +static const char *progname = NULL; static __attribute__((__noreturn__)) void usage(void) { @@ -20,84 +19,113 @@ static __attribute__((__noreturn__)) void usage(void) exit(1); } -static int file_to_policy_file(const char *filename, struct sepol_policy_file **pf, const char *mode) -{ - FILE *f; - - if (sepol_policy_file_create(pf)) { - fprintf(stderr, "%s: Out of memory\n", progname); - return -1; - } - - f = fopen(filename, mode); - if (!f) { - fprintf(stderr, "%s: Could not open file %s: %s\n", progname, strerror(errno), filename); - return -1; - } - sepol_policy_file_set_fp(*pf, f); - return 0; -} - int main(int argc, char **argv) { - struct sepol_module_package *pkg; - struct sepol_policy_file *in, *out; - FILE *fp; + struct sepol_module_package *pkg = NULL; + struct sepol_policy_file *in = NULL, *out = NULL; + FILE *fp = NULL; size_t len; - char *ppfile, *modfile, *fcfile = NULL, *fcdata; + const char *ppfile, *modfile, *fcfile = NULL, *fcdata; + int ret; progname = argv[0]; - if (argc < 3) { + if (argc < 3) usage(); - exit(1); - } ppfile = argv[1]; modfile = argv[2]; if (argc >= 4) fcfile = argv[3]; - if (file_to_policy_file(ppfile, &in, "r")) - exit(1); - if (sepol_module_package_create(&pkg)) { - fprintf(stderr, "%s: Out of memory\n", progname); - exit(1); + fprintf(stderr, "%s: Out of memory\n", progname); + goto failure; + } + + if (sepol_policy_file_create(&in)) { + fprintf(stderr, "%s: Out of memory\n", progname); + goto failure; } + fp = fopen(ppfile, "r"); + if (!fp) { + fprintf(stderr, "%s: Could not open file %s: %s\n", progname, ppfile, strerror(errno)); + goto failure; + } + sepol_policy_file_set_fp(in, fp); + if (sepol_module_package_read(pkg, in, 0) == -1) { - fprintf(stderr, "%s: Error while reading policy module from %s\n", + fprintf(stderr, "%s: Error while reading policy module from %s\n", progname, ppfile); - exit(1); + goto failure; } - if (file_to_policy_file(modfile, &out, "w")) - exit(1); + sepol_policy_file_free(in); + in = NULL; + fclose(fp); + fp = NULL; - if (sepol_policydb_write(sepol_module_package_get_policy(pkg), out)) { - fprintf(stderr, "%s: Error while writing module to %s\n", progname, modfile); - exit(1); - } + if (sepol_policy_file_create(&out)) { + fprintf(stderr, "%s: Out of memory\n", progname); + goto failure; + } + + fp = fopen(modfile, "w"); + if (!fp) { + fprintf(stderr, "%s: Could not open file %s: %s\n", progname, modfile, strerror(errno)); + goto failure; + } + sepol_policy_file_set_fp(out, fp); + + if (sepol_policydb_write(sepol_module_package_get_policy(pkg), out)) { + fprintf(stderr, "%s: Error while writing module to %s\n", progname, modfile); + goto failure; + } + + ret = fclose(fp); + fp = NULL; + if (ret) { + fprintf(stderr, "%s: Error while closing file %s: %s\n", progname, modfile, strerror(errno)); + goto failure; + } - sepol_policy_file_free(in); sepol_policy_file_free(out); + out = NULL; len = sepol_module_package_get_file_contexts_len(pkg); if (fcfile && len) { fp = fopen(fcfile, "w"); if (!fp) { - fprintf(stderr, "%s: Could not open file %s: %s\n", progname, strerror(errno), fcfile); - exit(1); + fprintf(stderr, "%s: Could not open file %s: %s\n", progname, fcfile, strerror(errno)); + goto failure; } fcdata = sepol_module_package_get_file_contexts(pkg); if (fwrite(fcdata, 1, len, fp) != len) { - fprintf(stderr, "%s: Could not write file %s: %s\n", progname, strerror(errno), fcfile); - exit(1); + fprintf(stderr, "%s: Could not write file %s: %s\n", progname, fcfile, strerror(errno)); + goto failure; + } + + ret = fclose(fp); + fp = NULL; + if (ret) { + fprintf(stderr, "%s: Could not close file %s: %s\n", progname, fcfile, strerror(errno)); + goto failure; } - fclose(fp); } + ret = EXIT_SUCCESS; + +cleanup: + if (fp) + fclose(fp); + sepol_policy_file_free(out); sepol_module_package_free(pkg); - exit(0); + sepol_policy_file_free(in); + + return ret; + +failure: + ret = EXIT_FAILURE; + goto cleanup; }