Remove the use of nvlist_.*[vf] functions from libcapsicum and replace
them with snprintf(3). Assert the results of snprintf(3). Approved by: pjd (mentor)
This commit is contained in:
parent
3cfb71c186
commit
bed3fb70df
@ -30,6 +30,7 @@
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include <assert.h>
|
||||
#include <netdb.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -67,6 +68,8 @@ static struct hostent *
|
||||
hostent_unpack(const nvlist_t *nvl, struct hostent *hp)
|
||||
{
|
||||
unsigned int ii, nitems;
|
||||
char nvlname[64];
|
||||
int n;
|
||||
|
||||
hostent_free(hp);
|
||||
|
||||
@ -81,8 +84,10 @@ hostent_unpack(const nvlist_t *nvl, struct hostent *hp)
|
||||
if (hp->h_aliases == NULL)
|
||||
goto fail;
|
||||
for (ii = 0; ii < nitems; ii++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
hp->h_aliases[ii] =
|
||||
strdup(nvlist_getf_string(nvl, "alias%u", ii));
|
||||
strdup(nvlist_get_string(nvl, nvlname));
|
||||
if (hp->h_aliases[ii] == NULL)
|
||||
goto fail;
|
||||
}
|
||||
@ -96,7 +101,9 @@ hostent_unpack(const nvlist_t *nvl, struct hostent *hp)
|
||||
hp->h_addr_list[ii] = malloc(hp->h_length);
|
||||
if (hp->h_addr_list[ii] == NULL)
|
||||
goto fail;
|
||||
bcopy(nvlist_getf_binary(nvl, NULL, "addr%u", ii),
|
||||
n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
bcopy(nvlist_get_binary(nvl, nvlname, NULL),
|
||||
hp->h_addr_list[ii], hp->h_length);
|
||||
}
|
||||
hp->h_addr_list[ii] = NULL;
|
||||
@ -208,8 +215,9 @@ cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname,
|
||||
struct addrinfo *firstai, *prevai, *curai;
|
||||
unsigned int ii;
|
||||
const nvlist_t *nvlai;
|
||||
char nvlname[64];
|
||||
nvlist_t *nvl;
|
||||
int error;
|
||||
int error, n;
|
||||
|
||||
nvl = nvlist_create(0);
|
||||
nvlist_add_string(nvl, "cmd", "getaddrinfo");
|
||||
@ -237,9 +245,11 @@ cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname,
|
||||
nvlai = NULL;
|
||||
firstai = prevai = curai = NULL;
|
||||
for (ii = 0; ; ii++) {
|
||||
if (!nvlist_existsf_nvlist(nvl, "res%u", ii))
|
||||
n = snprintf(nvlname, sizeof(nvlname), "res%u", ii);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
if (!nvlist_exists_nvlist(nvl, nvlname))
|
||||
break;
|
||||
nvlai = nvlist_getf_nvlist(nvl, "res%u", ii);
|
||||
nvlai = nvlist_get_nvlist(nvl, nvlname);
|
||||
curai = addrinfo_unpack(nvlai);
|
||||
if (curai == NULL)
|
||||
break;
|
||||
@ -314,6 +324,8 @@ cap_dns_type_limit(cap_channel_t *chan, const char * const *types,
|
||||
{
|
||||
nvlist_t *limits;
|
||||
unsigned int i;
|
||||
char nvlname[64];
|
||||
int n;
|
||||
|
||||
if (cap_limit_get(chan, &limits) < 0)
|
||||
return (-1);
|
||||
@ -321,8 +333,11 @@ cap_dns_type_limit(cap_channel_t *chan, const char * const *types,
|
||||
limits = nvlist_create(0);
|
||||
else
|
||||
limit_remove(limits, "type");
|
||||
for (i = 0; i < ntypes; i++)
|
||||
nvlist_addf_string(limits, types[i], "type%u", i);
|
||||
for (i = 0; i < ntypes; i++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "type%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_string(limits, nvlname, types[i]);
|
||||
}
|
||||
return (cap_limit_set(chan, limits));
|
||||
}
|
||||
|
||||
@ -332,6 +347,8 @@ cap_dns_family_limit(cap_channel_t *chan, const int *families,
|
||||
{
|
||||
nvlist_t *limits;
|
||||
unsigned int i;
|
||||
char nvlname[64];
|
||||
int n;
|
||||
|
||||
if (cap_limit_get(chan, &limits) < 0)
|
||||
return (-1);
|
||||
@ -340,8 +357,9 @@ cap_dns_family_limit(cap_channel_t *chan, const int *families,
|
||||
else
|
||||
limit_remove(limits, "family");
|
||||
for (i = 0; i < nfamilies; i++) {
|
||||
nvlist_addf_number(limits, (uint64_t)families[i],
|
||||
"family%u", i);
|
||||
n = snprintf(nvlname, sizeof(nvlname), "type%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_number(limits, nvlname, (uint64_t)families[i]);
|
||||
}
|
||||
return (cap_limit_set(chan, limits));
|
||||
}
|
||||
|
@ -94,9 +94,10 @@ group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp,
|
||||
size_t *bufsizep)
|
||||
{
|
||||
const char *mem;
|
||||
char **outstrs, *str;
|
||||
char **outstrs, *str, nvlname[64];
|
||||
size_t nmem, datasize, strsize;
|
||||
unsigned int ii;
|
||||
int n;
|
||||
|
||||
if (!nvlist_exists_number(nvl, "gr_nmem")) {
|
||||
datasize = _ALIGNBYTES + sizeof(char *);
|
||||
@ -113,7 +114,9 @@ group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp,
|
||||
nmem = (size_t)nvlist_get_number(nvl, "gr_nmem");
|
||||
datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1);
|
||||
for (ii = 0; ii < nmem; ii++) {
|
||||
mem = dnvlist_getf_string(nvl, NULL, "gr_mem[%u]", ii);
|
||||
n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
mem = dnvlist_get_string(nvl, nvlname, NULL);
|
||||
if (mem == NULL)
|
||||
return (EINVAL);
|
||||
datasize += strlen(mem) + 1;
|
||||
@ -125,7 +128,9 @@ group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp,
|
||||
outstrs = (char **)_ALIGN(*bufferp);
|
||||
str = (char *)outstrs + sizeof(char *) * (nmem + 1);
|
||||
for (ii = 0; ii < nmem; ii++) {
|
||||
mem = nvlist_getf_string(nvl, "gr_mem[%u]", ii);
|
||||
n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
mem = nvlist_get_string(nvl, nvlname);
|
||||
strsize = strlen(mem) + 1;
|
||||
memcpy(str, mem, strsize);
|
||||
outstrs[ii] = str;
|
||||
@ -407,6 +412,8 @@ cap_grp_limit_groups(cap_channel_t *chan, const char * const *names,
|
||||
{
|
||||
nvlist_t *limits, *groups;
|
||||
unsigned int i;
|
||||
char nvlname[64];
|
||||
int n;
|
||||
|
||||
if (cap_limit_get(chan, &limits) < 0)
|
||||
return (-1);
|
||||
@ -417,10 +424,16 @@ cap_grp_limit_groups(cap_channel_t *chan, const char * const *names,
|
||||
nvlist_free_nvlist(limits, "groups");
|
||||
}
|
||||
groups = nvlist_create(0);
|
||||
for (i = 0; i < ngids; i++)
|
||||
nvlist_addf_number(groups, (uint64_t)gids[i], "gid%u", i);
|
||||
for (i = 0; i < nnames; i++)
|
||||
nvlist_addf_string(groups, names[i], "name%u", i);
|
||||
for (i = 0; i < ngids; i++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_number(groups, nvlname, (uint64_t)gids[i]);
|
||||
}
|
||||
for (i = 0; i < nnames; i++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_string(groups, nvlname, names[i]);
|
||||
}
|
||||
nvlist_move_nvlist(limits, "groups", groups);
|
||||
return (cap_limit_set(chan, limits));
|
||||
}
|
||||
|
@ -364,7 +364,9 @@ cap_pwd_limit_users(cap_channel_t *chan, const char * const *names,
|
||||
size_t nnames, uid_t *uids, size_t nuids)
|
||||
{
|
||||
nvlist_t *limits, *users;
|
||||
char nvlname[64];
|
||||
unsigned int i;
|
||||
int n;
|
||||
|
||||
if (cap_limit_get(chan, &limits) < 0)
|
||||
return (-1);
|
||||
@ -375,10 +377,16 @@ cap_pwd_limit_users(cap_channel_t *chan, const char * const *names,
|
||||
nvlist_free_nvlist(limits, "users");
|
||||
}
|
||||
users = nvlist_create(0);
|
||||
for (i = 0; i < nuids; i++)
|
||||
nvlist_addf_number(users, (uint64_t)uids[i], "uid%u", i);
|
||||
for (i = 0; i < nnames; i++)
|
||||
nvlist_addf_string(users, names[i], "name%u", i);
|
||||
for (i = 0; i < nuids; i++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "uid%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_number(users, nvlname, (uint64_t)uids[i]);
|
||||
}
|
||||
for (i = 0; i < nnames; i++) {
|
||||
n = snprintf(nvlname, sizeof(nvlname), "name%u", i);
|
||||
assert(n > 0 && n < (int)sizeof(nvlname));
|
||||
nvlist_add_string(users, nvlname, names[i]);
|
||||
}
|
||||
nvlist_move_nvlist(limits, "users", users);
|
||||
return (cap_limit_set(chan, limits));
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user