[PATCH 3/3] libsepol: extended permission formatting cleanup

Christian Göttsche <cgzones@xxxxxxxxxxxxxx> · Mon, 11 Dec 2023 15:48:26 +0100

Declare the read-only permission parameter const.
Use a more readable overflow check, which is also resilient against
changes of the growth factor or initial size.

Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libsepol/include/sepol/policydb/util.h | 2 +-
 libsepol/src/kernel_to_cil.c           | 5 ++---
 libsepol/src/util.c                    | 5 ++---
 3 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/libsepol/include/sepol/policydb/util.h b/libsepol/include/sepol/policydb/util.h
index 4ea5a346..abaff698 100644
--- a/libsepol/include/sepol/policydb/util.h
+++ b/libsepol/include/sepol/policydb/util.h
@@ -34,7 +34,7 @@ extern int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a);
 extern char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
 				sepol_access_vector_t av);
 
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms);
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms);
 
 /*
  * The tokenize function may be used to
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
index bcb58eee..119b657b 100644
--- a/libsepol/src/kernel_to_cil.c
+++ b/libsepol/src/kernel_to_cil.c
@@ -1627,7 +1627,7 @@ exit:
 
 #define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
 
-static char *xperms_to_str(avtab_extended_perms_t *xperms)
+static char *xperms_to_str(const avtab_extended_perms_t *xperms)
 {
 	uint16_t value;
 	uint16_t low_bit;
@@ -1644,8 +1644,7 @@ static char *xperms_to_str(avtab_extended_perms_t *xperms)
 	}
 
 retry:
-	size *= 2;
-	if (size == 0)
+	if (__builtin_mul_overflow(size, 2, &size))
 		goto err;
 	p = realloc(buffer, size);
 	if (!p)
diff --git a/libsepol/src/util.c b/libsepol/src/util.c
index 4a6f7d11..687336c8 100644
--- a/libsepol/src/util.c
+++ b/libsepol/src/util.c
@@ -126,7 +126,7 @@ char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
 
 #define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
 
-char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
+char *sepol_extended_perms_to_string(const avtab_extended_perms_t *xperms)
 {
 	uint16_t value;
 	uint16_t low_bit;
@@ -142,8 +142,7 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
 		return NULL;
 
 retry:
-	size *= 2;
-	if (size == 0)
+	if (__builtin_mul_overflow(size, 2, &size))
 		goto err;
 	p = realloc(buffer, size);
 	if (!p)
-- 
2.43.0








