[apparmor] [PATCH 6/6] Fix the return size of aa_getprocattr

Steve Beattie steve at nxnw.org
Wed Mar 21 22:24:08 UTC 2012 

On Wed, Mar 21, 2012 at 06:02:25AM -0700, John Johansen wrote:
> aa_getprocattr is returning the size of the buffer not the size of the
> data read that it is supposed to return.  Also update the man page to
> reflect the return value as documented in the functions, and update
> the test cases to check the return value.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-By: Steve Beattie <sbeattie at ubuntu.com>

> ---
>  libraries/libapparmor/doc/aa_getcon.pod      |    3 +-
>  libraries/libapparmor/src/kernel_interface.c |    3 +-
>  tests/regression/apparmor/introspect.c       |   33 ++++++++++++++++++++-----
>  3 files changed, 29 insertions(+), 10 deletions(-)
> 
> diff --git a/libraries/libapparmor/doc/aa_getcon.pod b/libraries/libapparmor/doc/aa_getcon.pod
> index 2c72264..f279128 100644
> --- a/libraries/libapparmor/doc/aa_getcon.pod
> +++ b/libraries/libapparmor/doc/aa_getcon.pod
> @@ -69,7 +69,8 @@ does not handle buffer allocation.
>  
>  =head1 RETURN VALUE
>  
> -On success zero is returned. On error, -1 is returned, and
> +On success size of data placed in the buffer is returned, this includes the
> +mode if present and any terminating characters. On error, -1 is returned, and
>  errno(3) is set appropriately.
>  
>  =head1 ERRORS
> diff --git a/libraries/libapparmor/src/kernel_interface.c b/libraries/libapparmor/src/kernel_interface.c
> index 7d6edc4..8252b88 100644
> --- a/libraries/libapparmor/src/kernel_interface.c
> +++ b/libraries/libapparmor/src/kernel_interface.c
> @@ -280,11 +280,10 @@ int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode)
>  		free(buffer);
>  		*buf = NULL;
>  		*mode = NULL;
> -		size = -1;
>  	} else
>  		*buf = buffer;
>  
> -	return size;
> +	return rc;
>  }
>  
>  static int setprocattr(pid_t tid, const char *attr, const char *buf, int len)
> diff --git a/tests/regression/apparmor/introspect.c b/tests/regression/apparmor/introspect.c
> index bbdf908..367ea37 100644
> --- a/tests/regression/apparmor/introspect.c
> +++ b/tests/regression/apparmor/introspect.c
> @@ -31,7 +31,8 @@ int main(int argc, char *argv[])
>          }
>  
>          if (strcmp(argv[1], "self") == 0){
> -		if (aa_getcon(&profile, &mode) == -1) {
> +		rc = aa_getcon(&profile, &mode);
> +		if (rc == -1) {
>  			int serrno = errno;
>                          fprintf(stderr,
>  				"FAIL: introspect_confinement %s failed - %s\n",
> @@ -47,12 +48,15 @@ int main(int argc, char *argv[])
>  				"FAIL: query_confinement - invalid pid: %s\n",
>  				argv[1]);
>  			exit(serrno);
> -		} else if (aa_gettaskcon(pid, &profile, &mode) == -1) {
> -			int serrno = errno;
> -                        fprintf(stderr,
> -				"FAIL: query_confinement %s failed - %s\n",
> -                                argv[1], strerror(errno));
> -                        exit(serrno);
> +		} else {
> +			rc = aa_gettaskcon(pid, &profile, &mode);
> +			if (rc == -1) {
> +				int serrno = errno;
> +				fprintf(stderr,
> +					"FAIL: query_confinement %s failed - %s\n",
> +					argv[1], strerror(errno));
> +				exit(serrno);
> +			}
>  		}
>  	}
>  	if (strcmp(profile, argv[2]) != 0) {
> @@ -61,6 +65,21 @@ int main(int argc, char *argv[])
>  			profile);
>  		exit(1);
>  	}
> +	if (mode) {
> +		if (rc != strlen(profile) + strlen(mode) + 4) {
> +			/* rc includes mode. + 2 null term + 1 ( + 1 space */
> +			fprintf(stderr,
> +				"FAIL: expected return len %d != actual %d\n",
> +				strlen(profile) + strlen(mode) + 4, rc);
> +			exit(1);
> +		}
> +	} else if (rc != strlen(profile) + 1) {
> +		/* rc includes null termination */
> +		fprintf(stderr,
> +			"FAIL: expected return len %d != actual %d\n",
> +			strlen(profile) + 1, rc);
> +		exit(1);
> +	}
>  	if (argv[3] && (!mode || strcmp(mode, argv[3]) != 0)) {
>  		fprintf(stderr,
>  			"FAIL: expected mode \"%s\" != \"%s\"\n", argv[3],
> -- 
> 1.7.9.1
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120321/f38a1a0c/attachment.pgp>

More information about the AppArmor mailing list