context_str(3) returns a string representation of the given context.
This string is owned by the context and free'd on context_free(3).
Declare it const, as already done in the man page, since it must not be
free'd by the caller.
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libselinux/include/selinux/context.h | 2 +-
libselinux/src/context.c | 2 +-
libselinux/src/get_context_list.c | 11 ++++++-----
libselinux/src/query_user_context.c | 2 +-
policycoreutils/newrole/newrole.c | 2 +-
5 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/libselinux/include/selinux/context.h b/libselinux/include/selinux/context.h
index 949fb1e1..82f4e690 100644
--- a/libselinux/include/selinux/context.h
+++ b/libselinux/include/selinux/context.h
@@ -25,7 +25,7 @@ extern "C" {
* for the same context_t*
*/
- extern char *context_str(context_t);
+ extern const char *context_str(context_t);
/* Free the storage used by a context */
extern void context_free(context_t);
diff --git a/libselinux/src/context.c b/libselinux/src/context.c
index b2144c7c..9dddbc5a 100644
--- a/libselinux/src/context.c
+++ b/libselinux/src/context.c
@@ -116,7 +116,7 @@ void context_free(context_t context)
/*
* Return a pointer to the string value of the context.
*/
-char *context_str(context_t context)
+const char *context_str(context_t context)
{
context_private_t *n = context->ptr;
int i;
diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
index cfe38e59..d774b9cf 100644
--- a/libselinux/src/get_context_list.c
+++ b/libselinux/src/get_context_list.c
@@ -143,6 +143,7 @@ static int get_context_user(FILE * fp,
char *linerole, *linetype;
char **new_reachable = NULL;
char *usercon_str;
+ const char *usercon_str2;
context_t con;
context_t usercon;
@@ -257,20 +258,20 @@ static int get_context_user(FILE * fp,
rc = -1;
goto out;
}
- usercon_str = context_str(usercon);
- if (!usercon_str) {
+ usercon_str2 = context_str(usercon);
+ if (!usercon_str2) {
context_free(usercon);
rc = -1;
goto out;
}
/* check whether usercon is already in reachable */
- if (is_in_reachable(*reachable, usercon_str)) {
+ if (is_in_reachable(*reachable, usercon_str2)) {
context_free(usercon);
start = end;
continue;
}
- if (security_check_context(usercon_str) == 0) {
+ if (security_check_context(usercon_str2) == 0) {
new_reachable = realloc(*reachable, (*nreachable + 2) * sizeof(char *));
if (!new_reachable) {
context_free(usercon);
@@ -278,7 +279,7 @@ static int get_context_user(FILE * fp,
goto out;
}
*reachable = new_reachable;
- new_reachable[*nreachable] = strdup(usercon_str);
+ new_reachable[*nreachable] = strdup(usercon_str2);
if (new_reachable[*nreachable] == NULL) {
context_free(usercon);
rc = -1;
diff --git a/libselinux/src/query_user_context.c b/libselinux/src/query_user_context.c
index b8125c96..29a1b360 100644
--- a/libselinux/src/query_user_context.c
+++ b/libselinux/src/query_user_context.c
@@ -115,7 +115,7 @@ int manual_user_enter_context(const char *user, char ** newcon)
int mls_enabled = is_selinux_mls_enabled();
context_t new_context; /* The new context chosen by the user */
- char *user_context = NULL; /* String value of the user's context */
+ const char *user_context = NULL; /* String value of the user's context */
int done = 0; /* true if a valid sid has been obtained */
/* Initialize the context. How this is done depends on whether
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index ae37d725..c2afa37e 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -842,7 +842,7 @@ static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
char *type_ptr = NULL; /* stores malloc'd data from get_default_type */
char *level_s = NULL; /* level spec'd by user in argv[] */
char *range_ptr = NULL;
- char *new_con = NULL;
+ const char *new_con = NULL;
char *tty_con = NULL;
context_t context = NULL; /* manipulatable form of new_context */
const struct option long_options[] = {
--
2.36.1
