Page MenuHomeFreeBSD
Differential D10300

Correct bitwise test in mac_bsdextended ugidfw_rule_valid()
ClosedPublic
Actions

Authored by emaste on Apr 6 2017, 7:15 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Nov 2, 3:13 AM
Unknown Object (File)
Oct 18 2024, 12:34 AM
Unknown Object (File)
Oct 16 2024, 1:22 AM
Unknown Object (File)
Oct 16 2024, 1:21 AM
Unknown Object (File)
Oct 16 2024, 1:21 AM
Unknown Object (File)
Oct 16 2024, 1:21 AM
Unknown Object (File)
Sep 30 2024, 6:49 PM
Unknown Object (File)
Sep 24 2024, 3:24 AM
View All 68 Files
Subscribers
secteam

Details

Reviewers
rwatson
dwmalone
brueffer
jhb
kib
Commits
rS319890: Correct bitwise test in mac_bsdextended ugidfw_rule_valid()
Summary

https://www.viva64.com/en/b/0496/

Reported by: PVS-Studio
PR: 218039

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste created this revision.Apr 6 2017, 7:15 PM
emaste added a comment.Apr 6 2017, 9:05 PM

For reference this is also CID 1008934.

emaste added a subscriber: secteam.May 16 2017, 9:21 PM
emaste added reviewers: jhb, kib.May 16 2017, 9:30 PM
kib added inline comments.May 16 2017, 9:41 PM
sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #27149)

Shouldn't this be mbo_flags instead of mbo_neg ?

Also, stylish test would be () != 0.

emaste added inline comments.Jun 2 2017, 11:46 PM
sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #27149)

For reference this was introduced in rS157986, which introduced this non-stylistic change.

Perhaps we should just remove the first condition in this if, leaving

if ((rule->mbr_object.mbo_type | MBO_ALL_TYPE) != MBO_ALL_TYPE)

I.e., disallow invalid mbo_type flags regardless of whether MBO_TYPE_DEFINED is set?

emaste updated this revision to Diff 29165.Jun 3 2017, 12:12 AM

As suggested by @kib I think this is the intended test.

The test currently in svn is in effect if (1 && ...) so removing the first part (as in my comment) should be no functional change, but I suppose this is actually what's intended; mbo_type is only accessed if rule->mbr_object.mbo_flags & MBO_TYPE_DEFINED.

kib accepted this revision.Jun 3 2017, 9:14 AM
kib added inline comments.
sys/security/mac_bsdextended/mac_bsdextended.c
128 ↗(On Diff #29165)

Still, I prefer to add != 0 .

This revision is now accepted and ready to land.Jun 3 2017, 9:14 AM
Closed by commit rS319890: Correct bitwise test in mac_bsdextended ugidfw_rule_valid() (authored by emaste). · Explain WhyJun 13 2017, 1:18 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
security/
mac_bsdextended/
2 lines

Diff 29528

View Options

head/sys/security/mac_bsdextended/mac_bsdextended.c

Loading...