[apparmor] [PATCH 2/7] libapparmor: fix return value of aa_getpeercon_raw

Seth Arnold seth.arnold at canonical.com
Mon Jun 24 22:20:53 UTC 2013

On Mon, Jun 24, 2013 at 12:10:29PM -0700, Tyler Hicks wrote:
> As you'll see later in the man page patch, the return code and the
> resulting value of the *size parameter can be different. If the buffer
> passed into aa_getpeercon_raw() is too short for getsockopt() to store
> the requested option, then aa_getpeercon_raw() would return -1, errno
> will be ERANGE, and *size would be set to the buffer size needed for
> getsockopt() to be successful.

Well, I was thinking more of the success case; returning the size in
both the return value and the *len parameter just doesn't feel all that
useful to me. 'rc' is just checked for == -1 in the one place that uses
it, nothing would be done with the return value otherwise...

Don't get me wrong, I'm not actually opposed to it. But it doesn't
feel useful.


int aa_getpeercon(int fd, char **con)
{
        int rc, size = INITIAL_GUESS_SIZE;
        char *buffer = NULL;

        if (!con) {
                errno = EINVAL;
                return -1;
        }

        do {
                buffer = realloc(buffer, size);
                if (!buffer)
                        return -1;
                memset(buffer, 0, size);

                rc = aa_getpeercon_raw(fd, buffer, &size, mode);
                /* size should contain actual size needed if errno == ERANGE */
!!      } while (rc == -1 && errno == ERANGE && size > last_size);

!!      if (rc == -1) {
                *con = NULL;
                if (mode)
                        *mode = NULL;
                size = -1;
        } else
                *con = buffer;

        return size;
}

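The ERANGE contract discussed in this message, as an added example that is not part of the original mail or of libapparmor. fake_getpeercon_raw(), get_peer_label() and PEER_LABEL are hypothetical names; the stand-in is assumed to return the size on success and, on a short buffer, to return -1 with errno set to ERANGE and the needed size in *size, so the retry loop can be run without an AppArmor kernel.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
/* Constructed sample label; a real one comes from the kernel. */
static const char PEER_LABEL[] = "/usr/sbin/example-daemon (enforce)";

/* Hypothetical stand-in for aa_getpeercon_raw(): on a short buffer it
 * returns -1, sets errno to ERANGE and stores the needed size in *size. */
static int fake_getpeercon_raw(char *buf, int *size)
{
	int need = (int)sizeof(PEER_LABEL);
	if (*size < need) {
		*size = need;
		errno = ERANGE;
		return -1;
	}
	memcpy(buf, PEER_LABEL, need);
	*size = need;
	return need;
}

/* Grow the buffer until the label fits. Returns its size or -1; on
 * success *con is heap memory that the caller must free(). */
static int get_peer_label(int initial_size, char **con)
{
	int rc, size = initial_size, last_size;
	char *buffer = NULL, *tmp;
	if (!con || initial_size <= 0) {
		errno = EINVAL;
		return -1;
	}
	*con = NULL;
	do {
		last_size = size;
		tmp = realloc(buffer, size);
		if (!tmp) {	/* realloc failed: old block is still ours */
			free(buffer);
			return -1;
		}
		buffer = tmp;
		memset(buffer, 0, size);
		rc = fake_getpeercon_raw(buffer, &size);
	} while (rc == -1 && errno == ERANGE && size > last_size);
	if (rc == -1) {	/* hard error, or size did not grow */
		free(buffer);
		return -1;
	}
	*con = buffer;
	return rc;
}
```

The size > last_size guard ends the loop if the callee reports ERANGE without asking for a larger buffer, and both failure paths free the buffer instead of dropping the pointer.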